Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
file.exe

Overview

General Information

Sample name:file.exe
Analysis ID:1560868
MD5:2dbf5e00223bd7d14ca7ed7be362866f
SHA1:034858ad907ea7bc24a77e51140d3b97efd7ab21
SHA256:dc88cca0c72a2d4c7f1bc6dcbea6e36825270ed11e34c08f80ee22fb146ca31f
Tags:exeuser-Bitsight
Infos:

Detection

Score:100
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Attempt to bypass Chrome Application-Bound Encryption
Found malware configuration
Yara detected Telegram RAT
AI detected suspicious sample
Excessive usage of taskkill to terminate processes
Found pyInstaller with non standard icon
Queries sensitive disk information (via WMI, Win32_DiskDrive, often done to detect virtual machines)
Queries sensitive service information (via WMI, Win32_LogicalDisk, often done to detect sandboxes)
Query firmware table information (likely to detect VMs)
Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)
Tries to harvest and steal browser information (history, passwords, etc)
Uses the Telegram API (likely for C&C communication)
AV process strings found (often used to terminate AV products)
Binary contains a suspicious time stamp
Contains functionality to check if a debugger is running (IsDebuggerPresent)
Contains functionality to query CPU information (cpuid)
Contains functionality which may be used to detect a debugger (GetProcessHeap)
Creates a process in suspended mode (likely to inject code)
Detected potential crypto function
Drops PE files
Enables debug privileges
Extensive use of GetProcAddress (often used to hide API calls)
Found dropped PE file which has not been started or loaded
Found evasive API chain checking for process token information
Found large amount of non-executed APIs
Found potential string decryption / allocating functions
IP address seen in connection with other malware
Installs a global mouse hook
JA3 SSL client fingerprint seen in connection with other malware
PE file contains executable resources (Code or Archives)
PE file contains sections with non-standard names
Queries sensitive BIOS Information (via WMI, Win32_Bios & Win32_BaseBoard, often done to detect virtual machines)
Queries sensitive Operating System Information (via WMI, Win32_ComputerSystem, often done to detect virtual machines)
Queries sensitive processor information (via WMI, Win32_Processor, often done to detect virtual machines)
Queries the volume information (name, serial number etc) of a device
Sample execution stops while process was sleeping (likely an evasion)
Sample file is different than original file name gathered from version info
Sigma detected: Browser Started with Remote Debugging
Sigma detected: Execution of Suspicious File Type Extension
Spawns drivers
Uses code obfuscation techniques (call, push, ret)
Uses taskkill to terminate processes

Classification

Process Tree

  • System is w10x64
  • file.exe (PID: 6848 cmdline: "C:\Users\user\Desktop\file.exe" MD5: 2DBF5E00223BD7D14CA7ED7BE362866F)
    • file.exe (PID: 5476 cmdline: "C:\Users\user\Desktop\file.exe" MD5: 2DBF5E00223BD7D14CA7ED7BE362866F)
      • cmd.exe (PID: 6844 cmdline: C:\Windows\system32\cmd.exe /c "dxdiag /t C:\Users\user\AppData\Local\Bunny\Info.txt" MD5: 8A2122E8162DBEF04694B9C3E0B6CDEE)
        • conhost.exe (PID: 6776 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
        • dxdiag.exe (PID: 5268 cmdline: dxdiag /t C:\Users\user\AppData\Local\Bunny\Info.txt MD5: 19AB5AD061BF013EBD012D0682DF37E5)
      • taskkill.exe (PID: 528 cmdline: taskkill /F /IM chrome.exe MD5: A599D3B2FAFBDE4C1A6D7D0F839451C7)
        • conhost.exe (PID: 3812 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
      • chrome.exe (PID: 4476 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9876 --profile-directory=Default --remote-allow-origins=* --window-position=10000,10000 --window-size=1,1 --disable-gpu --no-sandbox MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
        • chrome.exe (PID: 6764 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-sandbox --mojo-platform-channel-handle=1988 --field-trial-handle=2004,i,16873657089946729221,16671226783605916720,262144 /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
      • taskkill.exe (PID: 4072 cmdline: taskkill /F /IM chrome.exe MD5: A599D3B2FAFBDE4C1A6D7D0F839451C7)
        • conhost.exe (PID: 2672 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
      • chrome.exe (PID: 7628 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9876 --profile-directory=Default --remote-allow-origins=* --window-position=10000,10000 --window-size=1,1 --disable-gpu --no-sandbox MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
        • chrome.exe (PID: 7828 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-sandbox --mojo-platform-channel-handle=2016 --field-trial-handle=1996,i,2032109330353751590,13028974580121269176,262144 /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
      • taskkill.exe (PID: 7980 cmdline: taskkill /F /IM chrome.exe MD5: A599D3B2FAFBDE4C1A6D7D0F839451C7)
        • conhost.exe (PID: 8008 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
      • chrome.exe (PID: 8060 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9876 --profile-directory=Default --remote-allow-origins=* --window-position=10000,10000 --window-size=1,1 --disable-gpu --no-sandbox MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
        • chrome.exe (PID: 760 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-sandbox --mojo-platform-channel-handle=1872 --field-trial-handle=1980,i,7019123131012893565,15323579879947470228,262144 /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
      • taskkill.exe (PID: 7812 cmdline: taskkill /F /IM msedge.exe MD5: A599D3B2FAFBDE4C1A6D7D0F839451C7)
        • conhost.exe (PID: 7808 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
      • msedge.exe (PID: 2968 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9876 --profile-directory=Default --remote-allow-origins=* --window-position=10000,10000 --window-size=1,1 --disable-gpu --no-sandbox MD5: 69222B8101B0601CC6663F8381E7E00F)
        • msedge.exe (PID: 6120 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --no-sandbox --mojo-platform-channel-handle=2104 --field-trial-handle=2072,i,14760293394605899277,10581962885320868667,262144 /prefetch:3 MD5: 69222B8101B0601CC6663F8381E7E00F)
      • taskkill.exe (PID: 7704 cmdline: taskkill /F /IM msedge.exe MD5: A599D3B2FAFBDE4C1A6D7D0F839451C7)
        • conhost.exe (PID: 7788 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
      • msedge.exe (PID: 7932 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9876 --profile-directory=Default --remote-allow-origins=* --window-position=10000,10000 --window-size=1,1 --disable-gpu --no-sandbox MD5: 69222B8101B0601CC6663F8381E7E00F)
      • taskkill.exe (PID: 7672 cmdline: taskkill /F /IM msedge.exe MD5: A599D3B2FAFBDE4C1A6D7D0F839451C7)
        • conhost.exe (PID: 6504 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
      • msedge.exe (PID: 7724 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9876 --profile-directory=Default --remote-allow-origins=* --window-position=10000,10000 --window-size=1,1 --disable-gpu --no-sandbox MD5: 69222B8101B0601CC6663F8381E7E00F)
        • msedge.exe (PID: 5396 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --no-sandbox --mojo-platform-channel-handle=2108 --field-trial-handle=2064,i,17575325319365732122,6172249017616596838,262144 /prefetch:3 MD5: 69222B8101B0601CC6663F8381E7E00F)
      • taskkill.exe (PID: 6528 cmdline: taskkill /F /IM msedge.exe MD5: A599D3B2FAFBDE4C1A6D7D0F839451C7)
        • conhost.exe (PID: 7360 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
      • msedge.exe (PID: 8440 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9876 --profile-directory=Default --remote-allow-origins=* --window-position=10000,10000 --window-size=1,1 --disable-gpu --no-sandbox MD5: 69222B8101B0601CC6663F8381E7E00F)
        • msedge.exe (PID: 8428 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --no-sandbox --mojo-platform-channel-handle=2112 --field-trial-handle=2060,i,1519810673855940657,8127465609125034474,262144 /prefetch:3 MD5: 69222B8101B0601CC6663F8381E7E00F)
      • taskkill.exe (PID: 7780 cmdline: taskkill /F /IM msedge.exe MD5: A599D3B2FAFBDE4C1A6D7D0F839451C7)
        • conhost.exe (PID: 7864 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
      • msedge.exe (PID: 8956 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9876 --profile-directory=Default --remote-allow-origins=* --window-position=10000,10000 --window-size=1,1 --disable-gpu --no-sandbox MD5: 69222B8101B0601CC6663F8381E7E00F)
        • msedge.exe (PID: 7748 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --no-sandbox --mojo-platform-channel-handle=2112 --field-trial-handle=2000,i,4569417142642358918,1547684186526237323,262144 /prefetch:3 MD5: 69222B8101B0601CC6663F8381E7E00F)
      • taskkill.exe (PID: 8500 cmdline: taskkill /F /IM msedge.exe MD5: A599D3B2FAFBDE4C1A6D7D0F839451C7)
        • conhost.exe (PID: 8580 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
      • msedge.exe (PID: 528 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9876 --profile-directory=Default --remote-allow-origins=* --window-position=10000,10000 --window-size=1,1 --disable-gpu --no-sandbox MD5: 69222B8101B0601CC6663F8381E7E00F)
        • msedge.exe (PID: 3376 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --no-sandbox --mojo-platform-channel-handle=2092 --field-trial-handle=1920,i,13001128338599722861,135731140457965479,262144 /prefetch:3 MD5: 69222B8101B0601CC6663F8381E7E00F)
  • mstee.sys (PID: 4 cmdline: MD5: 244C73253E165582DDC43AF4467D23DF)
  • mskssrv.sys (PID: 4 cmdline: MD5: 26854C1F5500455757BC00365CEF9483)
  • msedge.exe (PID: 6292 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9876 --profile-directory=Default --remote-allow-origins=* --window-position=10000,10000 --window-size=1,1 --disable-gpu --no-sandbox --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate MD5: 69222B8101B0601CC6663F8381E7E00F)
    • msedge.exe (PID: 4752 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --no-sandbox --mojo-platform-channel-handle=2016 --field-trial-handle=1972,i,726754713040708390,11510396830708599302,262144 /prefetch:3 MD5: 69222B8101B0601CC6663F8381E7E00F)
  • msedge.exe (PID: 7120 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9876 --profile-directory=Default --remote-allow-origins=* --window-position=10000,10000 --window-size=1,1 --disable-gpu --no-sandbox --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate MD5: 69222B8101B0601CC6663F8381E7E00F)
    • msedge.exe (PID: 7564 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --no-sandbox --mojo-platform-channel-handle=2080 --field-trial-handle=2020,i,11210025246069236568,6039799949721482261,262144 /prefetch:3 MD5: 69222B8101B0601CC6663F8381E7E00F)
  • msedge.exe (PID: 8412 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9876 --profile-directory=Default --remote-allow-origins=* --window-position=10000,10000 --window-size=1,1 --disable-gpu --no-sandbox --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate MD5: 69222B8101B0601CC6663F8381E7E00F)
    • msedge.exe (PID: 1976 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --no-sandbox --mojo-platform-channel-handle=2080 --field-trial-handle=2064,i,12556399923150263826,2501368566727980130,262144 /prefetch:3 MD5: 69222B8101B0601CC6663F8381E7E00F)
  • msedge.exe (PID: 8624 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9876 --profile-directory=Default --remote-allow-origins=* --window-position=10000,10000 --window-size=1,1 --disable-gpu --no-sandbox --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate MD5: 69222B8101B0601CC6663F8381E7E00F)
    • msedge.exe (PID: 8164 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --no-sandbox --mojo-platform-channel-handle=2072 --field-trial-handle=2036,i,1611766081639755236,2586004836248563306,262144 /prefetch:3 MD5: 69222B8101B0601CC6663F8381E7E00F)
  • msedge.exe (PID: 8856 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9876 --profile-directory=Default --remote-allow-origins=* --window-position=10000,10000 --window-size=1,1 --disable-gpu --no-sandbox --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate MD5: 69222B8101B0601CC6663F8381E7E00F)
    • msedge.exe (PID: 4744 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --no-sandbox --mojo-platform-channel-handle=2044 --field-trial-handle=2036,i,1507621865173041619,9867979607064769478,262144 /prefetch:3 MD5: 69222B8101B0601CC6663F8381E7E00F)
    • msedge.exe (PID: 8836 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --no-sandbox --mojo-platform-channel-handle=5132 --field-trial-handle=2036,i,1507621865173041619,9867979607064769478,262144 /prefetch:8 MD5: 69222B8101B0601CC6663F8381E7E00F)
    • msedge.exe (PID: 7088 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --no-sandbox --onnx-enabled-for-ee --mojo-platform-channel-handle=5192 --field-trial-handle=2036,i,1507621865173041619,9867979607064769478,262144 /prefetch:8 MD5: 69222B8101B0601CC6663F8381E7E00F)
  • cleanup

Malware Configuration

Threatname: Telegram RAT

{"C2 url": "https://api.telegram.org/bot7027613045:aagx3rpo-1uhb195if6jixakjypoomnxxuu/sendMessage"}

Yara Signatures

Memory Dumps

SourceRuleDescriptionAuthorStrings
00000002.00000002.3005777212.00000280794C0000.00000004.00001000.00020000.00000000.sdmpJoeSecurity_TelegramRATYara detected Telegram RATJoe Security
    Process Memory Space: file.exe PID: 5476JoeSecurity_TelegramRATYara detected Telegram RATJoe Security

      Sigma Signatures

      Sigma detected: Browser Started with Remote Debugging
      Source: Process startedAuthor: pH-T (Nextron Systems), Nasreddine Bencherchali (Nextron Systems): Data: Command: "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9876 --profile-directory=Default --remote-allow-origins=* --window-position=10000,10000 --window-size=1,1 --disable-gpu --no-sandbox, CommandLine: "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9876 --profile-directory=Default --remote-allow-origins=* --window-position=10000,10000 --window-size=1,1 --disable-gpu --no-sandbox, CommandLine|base64offset|contains: ^", Image: C:\Program Files\Google\Chrome\Application\chrome.exe, NewProcessName: C:\Program Files\Google\Chrome\Application\chrome.exe, OriginalFileName: C:\Program Files\Google\Chrome\Application\chrome.exe, ParentCommandLine: "C:\Users\user\Desktop\file.exe", ParentImage: C:\Users\user\Desktop\file.exe, ParentProcessId: 5476, ParentProcessName: file.exe, ProcessCommandLine: "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9876 --profile-directory=Default --remote-allow-origins=* --window-position=10000,10000 --window-size=1,1 --disable-gpu --no-sandbox, ProcessId: 4476, ProcessName: chrome.exe
      Sigma detected: Execution of Suspicious File Type Extension
      Source: Process startedAuthor: Max Altgelt (Nextron Systems): Data: Command: , CommandLine: , CommandLine|base64offset|contains: , Image: C:\Windows\System32\drivers\mstee.sys, NewProcessName: C:\Windows\System32\drivers\mstee.sys, OriginalFileName: C:\Windows\System32\drivers\mstee.sys, ParentCommandLine: , ParentImage: , ParentProcessId: -1, ProcessCommandLine: , ProcessId: 4, ProcessName: mstee.sys

      Suricata Signatures

      No Suricata rule has matched

      Joe Sandbox Signatures

      Click to jump to signature section

      Show All Signature Results

      AV Detection

      barindex
      Found malware configuration
      Source: file.exe.5476.2.memstrminMalware Configuration Extractor: Telegram RAT {"C2 url": "https://api.telegram.org/bot7027613045:aagx3rpo-1uhb195if6jixakjypoomnxxuu/sendMessage"}
      AI detected suspicious sample
      Source: Submited SampleIntegrated Neural Analysis Model: Matched 89.2% probability
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI68482\setuptools\_vendor\wheel-0.43.0.dist-info\LICENSE.txtJump to behavior
      Source: unknownHTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.5:49706 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 13.107.246.63:443 -> 192.168.2.5:49710 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 23.218.208.109:443 -> 192.168.2.5:49748 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 23.218.208.109:443 -> 192.168.2.5:49757 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 20.190.147.11:443 -> 192.168.2.5:49805 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.5:49841 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 20.190.147.11:443 -> 192.168.2.5:49867 version: TLS 1.2
      Source: file.exeStatic PE information: HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, GUARD_CF, TERMINAL_SERVER_AWARE
      Source: Binary string: D:\a\1\b\bin\amd64\unicodedata.pdb source: file.exe, 00000000.00000003.2068182140.000001B657028000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.3011828823.00007FF8A8097000.00000002.00000001.01000000.00000018.sdmp
      Source: Binary string: D:\a\1\b\libcrypto-3.pdb| source: file.exe, 00000002.00000002.3014036096.00007FF8A84EA000.00000002.00000001.01000000.0000000F.sdmp
      Source: Binary string: D:\a\1\b\libssl-3.pdbDD source: file.exe, 00000002.00000002.3020594383.00007FF8A9355000.00000002.00000001.01000000.00000013.sdmp
      Source: Binary string: D:\a\pywin32\pywin32\build\temp.win-amd64-cpython-313\Release\pywintypes.pdb** source: file.exe, 00000002.00000002.3021936981.00007FF8B0551000.00000002.00000001.01000000.0000002C.sdmp
      Source: Binary string: D:\a\1\b\bin\amd64\_wmi.pdb(('GCTL source: file.exe, 00000000.00000003.2051328230.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.3033965402.00007FF8BA4F4000.00000002.00000001.01000000.0000000A.sdmp
      Source: Binary string: @ compiler: cl /Zi /Fdossl_static.pdb /Gs0 /GF /Gy /MD /W3 /wd4090 /nologo /O2 -DL_ENDIAN -DOPENSSL_PIC -D"OPENSSL_BUILDING_OPENSSL" -D"OPENSSL_SYS_WIN32" -D"WIN32_LEAN_AND_MEAN" -D"UNICODE" -D"_UNICODE" -D"_CRT_SECURE_NO_DEPRECATE" -D"_WINSOCK_DEPRECATED_NO_WARNINGS" -D"NDEBUG"OpenSSL 3.0.15 3 Sep 20243.0.15built on: Wed Sep 4 15:52:04 2024 UTCplatform: VC-WIN64A-masmOPENSSLDIR: "C:\Program Files\Common Files\SSL"ENGINESDIR: "C:\Program Files\OpenSSL\lib\engines-3"MODULESDIR: "C:\Program Files\OpenSSL\lib\ossl-modules"CPUINFO: N/Anot availableget_and_lock..\s\crypto\ex_data.cossl_crypto_get_ex_new_index_exossl_crypto_new_ex_data_exCRYPTO_dup_ex_dataCRYPTO_set_ex_dataOPENSSL_WIN32_UTF8..\s\crypto\getenv.ccompiler: cl /Zi /Fdossl_static.pdb /Gs0 /GF /Gy /MD /W3 /wd4090 /nologo /O2 -DL_ENDIAN -DOPENSSL_PIC -D"OPENSSL_BUILDING_OPENSSL" -D"OPENSSL_SYS_WIN32" -D"WIN32_LEAN_AND_MEAN" -D"UNICODE" -D"_UNICODE" -D"_CRT_SECURE_NO_DEPRECATE" -D"_WINSOCK_DEPRECATED_NO_WARNINGS" -D"NDEBUG";CPUINFO: OPENSSL_ia32cap=0x%llx:0x%llxOPENSSL_ia32cap env:%sos-specificC:\Program Files\Common Files\SSLC:\Program Files\OpenSSL\lib\ossl-modules.dllCPUINFO: ..\s\crypto\init.cOPENSSL_init_cryptoOPENSSL_atexit..\s\crypto\initthread.c..\s\crypto\mem_sec.cassertion failed: (bit & 1) == 0assertion failed: list >= 0 && list < sh.freelist_sizeassertion failed: ((ptr - sh.arena) & ((sh.arena_size >> list) - 1)) == 0assertion failed: bit > 0 && bit < sh.bittable_sizeassertion failed: TESTBIT(table, bit)assertion failed: !TESTBIT(table, bit)assertion failed: WITHIN_FREELIST(list)assertion failed: WITHIN_ARENA(ptr)assertion failed: temp->next == NULL || WITHIN_ARENA(temp->next)assertion failed: (char **)temp->next->p_next == listassertion failed: WITHIN_FREELIST(temp2->p_next) || WITHIN_ARENA(temp2->p_next)assertion failed: size > 0assertion failed: (size & (size - 1)) == 0assertion failed: (minsize & (minsize - 1)) == 0assertion failed: sh.freelist != NULLassertion failed: sh.bittable != NULLassertion failed: sh.bitmalloc != NULLassertion failed: !sh_testbit(temp, slist, sh.bitmalloc)assertion failed: temp != sh.freelist[slist]assertion failed: sh.freelist[slist] == tempassertion failed: temp-(sh.arena_size >> slist) == sh_find_my_buddy(temp, slist)assertion failed: sh_testbit(chunk, list, sh.bittable)assertion failed: WITHIN_ARENA(chunk)assertion failed: sh_testbit(ptr, list, sh.bittable)assertion failed: ptr == sh_find_my_buddy(buddy, list)assertion failed: ptr != NULLassertion failed: !sh_testbit(ptr, list, sh.bitmalloc)assertion failed: sh.freelist[list] == ptr/*0123456789ABCDEFCRYPTO_memdup..\s\crypto\o_str.chexstr2buf_sepossl_hexstr2buf_sepbuf2hexstr_sepossl_buf2hexstr_sep..\s\crypto\packet.cwpacket_intern_init_lenWPACKET_start_sub_packet_len__..\s\crypto\param_build.cparam_pushparam_push_numOSSL_PARAM_BLD_push_BN_padNegative big numbers are unsupported for OSSL_PARAMOSSL_PARAM_BLD_push_utf8_stringOSSL_PARAM_BLD_push_utf8_ptrOSSL_PARAM_BLD_push_octet_stringOSSL_PARAM_BLD_p
      Source: Binary string: D:\a\1\b\bin\amd64\_overlapped.pdb source: file.exe, 00000000.00000003.2050713108.000001B657026000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: D:\a\_work\1\s\binaries\amd64ret\bin\amd64\\vcruntime140.amd64.pdb source: file.exe, 00000000.00000003.2049216445.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.3033498205.00007FF8B9F74000.00000002.00000001.01000000.00000005.sdmp
      Source: Binary string: compiler: cl /Zi /Fdossl_static.pdb /Gs0 /GF /Gy /MD /W3 /wd4090 /nologo /O2 -DL_ENDIAN -DOPENSSL_PIC -D"OPENSSL_BUILDING_OPENSSL" -D"OPENSSL_SYS_WIN32" -D"WIN32_LEAN_AND_MEAN" -D"UNICODE" -D"_UNICODE" -D"_CRT_SECURE_NO_DEPRECATE" -D"_WINSOCK_DEPRECATED_NO_WARNINGS" -D"NDEBUG" source: file.exe, 00000002.00000002.3014036096.00007FF8A8452000.00000002.00000001.01000000.0000000F.sdmp
      Source: Binary string: D:\a\_work\1\s\binaries\amd64ret\bin\amd64\\vcruntime140.amd64.pdbGCTL source: file.exe, 00000000.00000003.2049216445.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.3033498205.00007FF8B9F74000.00000002.00000001.01000000.00000005.sdmp
      Source: Binary string: D:\a\1\b\bin\amd64\sqlite3.pdb source: file.exe, 00000002.00000002.3019473856.00007FF8A8EF4000.00000002.00000001.01000000.00000015.sdmp
      Source: Binary string: D:\a\1\b\libcrypto-3.pdb source: file.exe, 00000002.00000002.3014036096.00007FF8A84EA000.00000002.00000001.01000000.0000000F.sdmp
      Source: Binary string: D:\a\1\b\bin\amd64\_multiprocessing.pdb source: file.exe, 00000000.00000003.2050624895.000001B657026000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: D:\a\pywin32\pywin32\build\temp.win-amd64-cpython-313\Release\win32crypt.pdb!! source: file.exe, 00000002.00000002.3022290738.00007FF8B27C2000.00000002.00000001.01000000.0000002B.sdmp
      Source: Binary string: D:\a\_work\1\s\binaries\amd64ret\bin\amd64\\vcruntime140_1.amd64.pdb source: file.exe, 00000000.00000003.2049368690.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.3033097659.00007FF8B9845000.00000002.00000001.01000000.0000000B.sdmp
      Source: Binary string: D:\a\1\b\bin\amd64\select.pdb source: file.exe, 00000000.00000003.2060453259.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.3030572834.00007FF8B8AF3000.00000002.00000001.01000000.00000011.sdmp
      Source: Binary string: D:\a\pywin32\pywin32\build\temp.win-amd64-cpython-313\Release\pywintypes.pdb source: file.exe, 00000002.00000002.3021936981.00007FF8B0551000.00000002.00000001.01000000.0000002C.sdmp
      Source: Binary string: D:\a\1\b\bin\amd64\_hashlib.pdb source: file.exe, 00000000.00000003.2050145976.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.3031679829.00007FF8B8C16000.00000002.00000001.01000000.0000000E.sdmp
      Source: Binary string: D:\a\1\b\bin\amd64\_lzma.pdbNN source: file.exe, 00000000.00000003.2050255451.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.3031274173.00007FF8B8B3B000.00000002.00000001.01000000.00000009.sdmp
      Source: Binary string: D:\a\1\b\bin\amd64\_asyncio.pdb source: file.exe, 00000000.00000003.2049466267.000001B657026000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: D:\a\1\b\bin\amd64\pyexpat.pdb source: file.exe, 00000002.00000002.3029608974.00007FF8B7E52000.00000002.00000001.01000000.0000000C.sdmp
      Source: Binary string: D:\a\1\b\bin\amd64\_queue.pdb source: file.exe, 00000000.00000003.2050810113.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.3032023397.00007FF8B8CB3000.00000002.00000001.01000000.0000000D.sdmp
      Source: Binary string: D:\a\pywin32\pywin32\build\temp.win-amd64-cpython-313\Release\win32crypt.pdb source: file.exe, 00000002.00000002.3022290738.00007FF8B27C2000.00000002.00000001.01000000.0000002B.sdmp
      Source: Binary string: D:\a\1\b\bin\amd64\_lzma.pdb source: file.exe, 00000000.00000003.2050255451.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.3031274173.00007FF8B8B3B000.00000002.00000001.01000000.00000009.sdmp
      Source: Binary string: D:\a\1\b\bin\amd64\_bz2.pdb source: file.exe, 00000000.00000003.2049580462.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.3032736724.00007FF8B93CD000.00000002.00000001.01000000.00000008.sdmp
      Source: Binary string: D:\a\1\b\bin\amd64\_wmi.pdb source: file.exe, 00000000.00000003.2051328230.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.3033965402.00007FF8BA4F4000.00000002.00000001.01000000.0000000A.sdmp
      Source: Binary string: D:\a\1\b\bin\amd64\_socket.pdb source: file.exe, 00000000.00000003.2050892723.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.3030933816.00007FF8B8B09000.00000002.00000001.01000000.00000010.sdmp
      Source: Binary string: D:\a\1\b\bin\amd64\_sqlite3.pdb source: file.exe, 00000002.00000002.3028806832.00007FF8B7DEF000.00000002.00000001.01000000.00000014.sdmp
      Source: Binary string: D:\a\1\b\bin\amd64\python313.pdb source: file.exe, 00000002.00000002.3015838667.00007FF8A89B8000.00000002.00000001.01000000.00000004.sdmp
      Source: Binary string: D:\a\_work\1\s\binaries\amd64ret\bin\amd64\\vcruntime140_1.amd64.pdbGCTL source: file.exe, 00000000.00000003.2049368690.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.3033097659.00007FF8B9845000.00000002.00000001.01000000.0000000B.sdmp
      Source: Binary string: D:\a\1\b\libssl-3.pdb source: file.exe, 00000002.00000002.3020594383.00007FF8A9355000.00000002.00000001.01000000.00000013.sdmp
      Source: Binary string: D:\a\1\b\bin\amd64\_ssl.pdb source: file.exe, 00000002.00000002.3029130513.00007FF8B7E0E000.00000002.00000001.01000000.00000012.sdmp
      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00007FF7A0C29280 FindFirstFileExW,FindClose,0_2_00007FF7A0C29280
      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00007FF7A0C283C0 FindFirstFileW,RemoveDirectoryW,DeleteFileW,FindNextFileW,FindClose,RemoveDirectoryW,0_2_00007FF7A0C283C0
      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00007FF7A0C41874 _invalid_parameter_noinfo,FindFirstFileExW,FindNextFileW,FindClose,FindClose,0_2_00007FF7A0C41874
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF7A0C29280 FindFirstFileExW,FindClose,2_2_00007FF7A0C29280
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF7A0C283C0 FindFirstFileW,RemoveDirectoryW,DeleteFileW,FindNextFileW,FindClose,RemoveDirectoryW,2_2_00007FF7A0C283C0
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF7A0C41874 _invalid_parameter_noinfo,FindFirstFileExW,FindNextFileW,FindClose,FindClose,2_2_00007FF7A0C41874
      Source: chrome.exeMemory has grown: Private usage: 1MB later: 20MB

      Networking

      barindex
      Uses the Telegram API (likely for C&C communication)
      Source: unknownDNS query: name: api.telegram.org
      Source: Joe Sandbox ViewIP Address: 104.26.9.59 104.26.9.59
      Source: Joe Sandbox ViewIP Address: 152.195.19.97 152.195.19.97
      Source: Joe Sandbox ViewIP Address: 18.238.49.52 18.238.49.52
      Source: Joe Sandbox ViewJA3 fingerprint: 28a2c9bd18a11de089ef85a160da29e4
      Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
      Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
      Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
      Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
      Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
      Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
      Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
      Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
      Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
      Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
      Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
      Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
      Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
      Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
      Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
      Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
      Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
      Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
      Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
      Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: global trafficHTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=5SDM6BUbS8a9zeP&MD=psOvlA2P HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
      Source: global trafficHTTP traffic detected: GET /rules/other-Win32-v19.bundle HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120600v4s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120609v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120402v21s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120608v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule224902v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120610v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120612v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120614v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120611v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120613v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120617v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120616v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120619v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120618v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120623v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120621v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120620v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120622v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120615v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120624v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120625v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120626v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120627v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120628v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120629v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120630v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120631v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120632v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
      Source: global trafficHTTP traffic detected: GET /rules/rule120633v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120634v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120636v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120635v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120637v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120639v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120638v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120641v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120642v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120640v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120644v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120643v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120645v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120646v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120647v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120648v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120649v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120650v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120651v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120652v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120656v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120654v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120655v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120653v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120657v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120658v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120659v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120660v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120662v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120661v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120663v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120664v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120665v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120666v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120667v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120668v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120672v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120669v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120670v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120671v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120673v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120674v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120677v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120676v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120675v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120678v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120680v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120682v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120681v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120679v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=5SDM6BUbS8a9zeP&MD=psOvlA2P HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
      Source: global trafficHTTP traffic detected: GET /rules/rule120602v10s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120601v3s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule224901v11s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule701200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule701201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule700201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule701251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule702350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule700200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule702351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule702951v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule702950v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule701250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule700051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule700050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule701150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule702201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule700401v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule701151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule702200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule700400v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule700351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule700350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule703901v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule703900v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule701501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule702800v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule701500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule703351v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule702801v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule701801v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule703350v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule703501v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule701800v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule703500v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /bundles/v1/edgeChromium/latest/vendors.7e27cca6027b8d6697cb.js HTTP/1.1Host: assets.msn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://ntp.msn.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
      Source: global trafficHTTP traffic detected: GET /bundles/v1/edgeChromium/latest/microsoft.4a2a9ed8240d3004231b.js HTTP/1.1Host: assets.msn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://ntp.msn.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
      Source: global trafficHTTP traffic detected: GET /bundles/v1/edgeChromium/latest/common.37c1906034fdaa41cb10.js HTTP/1.1Host: assets.msn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://ntp.msn.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
      Source: global trafficHTTP traffic detected: GET /bundles/v1/edgeChromium/latest/experience.3f74dd37531362580037.js HTTP/1.1Host: assets.msn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://ntp.msn.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
      Source: global trafficHTTP traffic detected: GET /crx/blobs/AW50ZFsLPhJJyx_4ShcDOgcEpJeOc7Vr0kMzfFRoaMfWx4pAgZ0UGF2i9_ei1A7FAHQ-EPFULeBn7F8_SEKhjbpEyKfiidX7GF_6BDOycMeg5w03wjwVQ61hkaEix8WFqmEAxlKa5cmz_tdFr9JtRwdqRu82wmLe2Ghe/GHBMNNJOOEKPMOECNNNILNNBDLOLHKHI_1_84_1_0.crx HTTP/1.1Host: clients2.googleusercontent.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
      Source: global trafficHTTP traffic detected: GET /rules/rule701050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule701051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule702750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule702751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule702301v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /assets/edge_hub_apps_manifest_gz/4.7.107/asset?assetgroup=Shoreline HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveEdge-Asset-Group: ShorelineSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
      Source: global trafficHTTP traffic detected: GET /assets/domains_config_gz/2.8.76/asset?assetgroup=EntityExtractionDomainsConfig HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveEdge-Asset-Group: EntityExtractionDomainsConfigSec-Mesh-Client-Edge-Version: 117.0.2045.47Sec-Mesh-Client-Edge-Channel: stableSec-Mesh-Client-OS: WindowsSec-Mesh-Client-OS-Version: 10.0.19045Sec-Mesh-Client-Arch: x86_64Sec-Mesh-Client-WebView: 0Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
      Source: global trafficHTTP traffic detected: GET /filestreamingservice/files/bdc392b9-6b81-4aaa-b3ee-2fffd9562edb?P1=1732882456&P2=404&P3=2&P4=FLz%2fp%2ba9xa1qwjUWDW19RBN4TS2ZPOrUU71O%2fEjVe0knn0ohKBxzSQ9g4%2bMvFcVdJIY%2fau9zZQyLCNvZCCr9yA%3d%3d HTTP/1.1Host: msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.comConnection: keep-aliveMS-CV: 7rS6HLyOMYdfUAakyhShboSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
      Source: global trafficHTTP traffic detected: GET /rules/rule702300v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule703400v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule703401v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule702501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule702500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /statics/icons/favicon_newtabpage.png HTTP/1.1Host: assets.msn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: _C_ETH=1; USRLOC=; MUID=3116A657B59463FA2738B368B4F6621C; _EDGE_S=F=1&SID=3B915B79072C65AD331F4E46060364AD; _EDGE_V=1
      Source: global trafficHTTP traffic detected: GET /rules/rule700501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule700500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule702551v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule702550v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule701351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /c.gif?rnd=1732277663448&udc=true&pg.n=default&pg.t=dhp&pg.c=547&pg.p=anaheim&rf=&tp=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-GB%26title%3DNew%2520tab%26dsp%3D1%26sp%3DBing%26isFREModalBackground%3D1%26startpage%3D1%26PC%3DU531%26ocid%3Dmsedgdhp&cvs=Browser&di=340&st.dpt=&st.sdpt=antp&subcvs=homepage&lng=en-us&rid=2a78d414ef7845779eff3d939c50f704&activityId=2a78d414ef7845779eff3d939c50f704&d.imd=false&scr=1280x1024&anoncknm=app_anon&issso=&aadState=0 HTTP/1.1Host: c.msn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: _C_ETH=1; USRLOC=; MUID=3116A657B59463FA2738B368B4F6621C; _EDGE_S=F=1&SID=3B915B79072C65AD331F4E46060364AD; _EDGE_V=1
      Source: global trafficHTTP traffic detected: GET /b?rn=1732277663449&c1=2&c2=3000001&cs_ucfr=1&c7=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-GB%26title%3DNew%2Btab%26dsp%3D1%26sp%3DBing%26isFREModalBackground%3D1%26startpage%3D1%26PC%3DU531%26ocid%3Dmsedgdhp%26mkt%3Den-us&c8=New+tab&c9=&cs_fpid=3116A657B59463FA2738B368B4F6621C&cs_fpit=o&cs_fpdm=*null&cs_fpdt=*null HTTP/1.1Host: sb.scorecardresearch.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
      Source: global trafficHTTP traffic detected: GET /assets/edge_hub_apps_search_maximal_light.png/1.3.6/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
      Source: global trafficHTTP traffic detected: GET /c.gif?rnd=1732277663448&udc=true&pg.n=default&pg.t=dhp&pg.c=547&pg.p=anaheim&rf=&tp=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-GB%26title%3DNew%2520tab%26dsp%3D1%26sp%3DBing%26isFREModalBackground%3D1%26startpage%3D1%26PC%3DU531%26ocid%3Dmsedgdhp&cvs=Browser&di=340&st.dpt=&st.sdpt=antp&subcvs=homepage&lng=en-us&rid=2a78d414ef7845779eff3d939c50f704&activityId=2a78d414ef7845779eff3d939c50f704&d.imd=false&scr=1280x1024&anoncknm=app_anon&issso=&aadState=0&ctsa=mr&CtsSyncId=3A24BC40B0914574A6886B2E565C3D45&RedC=c.msn.com&MXFR=3116A657B59463FA2738B368B4F6621C HTTP/1.1Host: c.bing.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-MS-GEC: FB450AA0900C1778FCF6B454FCA05A175C59AC5358BDED22E8B9AFD41A887C94Sec-MS-GEC-Version: 1-117.0.2045.47Referer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
      Source: global trafficHTTP traffic detected: GET /tenant/amp/entityid/BB1msKXX.img HTTP/1.1Host: img-s-msn-com.akamaized.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
      Source: global trafficHTTP traffic detected: GET /assets/edge_hub_apps_shopping_maximal_light.png/1.4.0/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
      Source: global trafficHTTP traffic detected: GET /assets/edge_hub_apps_toolbox_maximal_light.png/1.5.13/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
      Source: global trafficHTTP traffic detected: GET /assets/edge_hub_apps_games_maximal_light.png/1.7.1/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
      Source: global trafficHTTP traffic detected: GET /assets/edge_hub_apps_M365_light.png/1.7.32/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
      Source: global trafficHTTP traffic detected: GET /assets/edge_hub_apps_outlook_light.png/1.9.10/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
      Source: global trafficHTTP traffic detected: GET /rules/rule702151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule701350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule703001v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule702150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule703000v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /b2?rn=1732277663449&c1=2&c2=3000001&cs_ucfr=1&c7=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-GB%26title%3DNew%2Btab%26dsp%3D1%26sp%3DBing%26isFREModalBackground%3D1%26startpage%3D1%26PC%3DU531%26ocid%3Dmsedgdhp%26mkt%3Den-us&c8=New+tab&c9=&cs_fpid=3116A657B59463FA2738B368B4F6621C&cs_fpit=o&cs_fpdm=*null&cs_fpdt=*null HTTP/1.1Host: sb.scorecardresearch.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: UID=1B7355d4c235edb6150f6691732277664; XID=1B7355d4c235edb6150f6691732277664
      Source: global trafficHTTP traffic detected: GET /v4/api/selection?nct=1&fmt=json&nocookie=0&locale=en-us&country=US&muid=3116A657B59463FA2738B368B4F6621C&ACHANNEL=4&ABUILD=117.0.5938.132&clr=esdk&edgeid=6686581979505309747&ADEFAB=1&devosver=10.0.19045.2006&OPSYS=WIN10&poptin=0&UITHEME=light&pageConfig=547&ISSIGNEDIN=0&MSN_CANVAS=2&ISMOBILE=0&BROWSER=6&placement=88000308|10837393&bcnt=1|1&asid=e8959ea3616241cd98c650ebf2023ce9 HTTP/1.1Host: arc.msn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Origin: https://ntp.msn.comSec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: _C_ETH=1; USRLOC=; MUID=3116A657B59463FA2738B368B4F6621C; _EDGE_S=F=1&SID=3B915B79072C65AD331F4E46060364AD; _EDGE_V=1
      Source: global trafficHTTP traffic detected: GET /c.gif?rnd=1732277663448&udc=true&pg.n=default&pg.t=dhp&pg.c=547&pg.p=anaheim&rf=&tp=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-GB%26title%3DNew%2520tab%26dsp%3D1%26sp%3DBing%26isFREModalBackground%3D1%26startpage%3D1%26PC%3DU531%26ocid%3Dmsedgdhp&cvs=Browser&di=340&st.dpt=&st.sdpt=antp&subcvs=homepage&lng=en-us&rid=2a78d414ef7845779eff3d939c50f704&activityId=2a78d414ef7845779eff3d939c50f704&d.imd=false&scr=1280x1024&anoncknm=app_anon&issso=&aadState=0&ctsa=mr&CtsSyncId=3A24BC40B0914574A6886B2E565C3D45&MUID=3116A657B59463FA2738B368B4F6621C HTTP/1.1Host: c.msn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: USRLOC=; MUID=3116A657B59463FA2738B368B4F6621C; _EDGE_S=F=1&SID=3B915B79072C65AD331F4E46060364AD; _EDGE_V=1; SM=T
      Source: global trafficHTTP traffic detected: GET /assets/edge_hub_apps_edrop_maximal_light.png/1.1.12/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
      Source: global trafficHTTP traffic detected: GET /rules/rule700750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule700751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule700150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule700151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule703451v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /v4/api/selection?nct=1&fmt=json&nocookie=1&locale=en-us&country=US&muid=3116A657B59463FA2738B368B4F6621C&bcnt=1&placement=88000244&ACHANNEL=4&ABUILD=117.0.5938.132&clr=esdk&edgeid=6686581979505309747&ADEFAB=1&devosver=10.0.19045.2006&OPSYS=WIN10&poptin=0&UITHEME=light&pageConfig=547&asid=371812b5e8ae47e0e2ee43ff66b9055b HTTP/1.1Host: arc.msn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Origin: https://ntp.msn.comSec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: USRLOC=; MUID=3116A657B59463FA2738B368B4F6621C; _EDGE_S=F=1&SID=3B915B79072C65AD331F4E46060364AD; _EDGE_V=1
      Source: global trafficHTTP traffic detected: GET /rules/rule703450v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule700901v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /tenant/amp/entityid/BB1msOZ8.img HTTP/1.1Host: img-s-msn-com.akamaized.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
      Source: global trafficHTTP traffic detected: GET /tenant/amp/entityid/BB1msFQB.img HTTP/1.1Host: img-s-msn-com.akamaized.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
      Source: global trafficHTTP traffic detected: GET /tenant/amp/entityid/BB1msyCD.img HTTP/1.1Host: img-s-msn-com.akamaized.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
      Source: global trafficHTTP traffic detected: GET /rules/rule700900v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /tenant/amp/entityid/AA13Q6AL.img HTTP/1.1Host: img-s-msn-com.akamaized.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
      Source: global trafficHTTP traffic detected: GET /tenant/amp/entityid/AAc9vHK.img HTTP/1.1Host: img-s-msn-com.akamaized.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
      Source: global trafficHTTP traffic detected: GET /tenant/amp/entityid/BB1lFz6G.img HTTP/1.1Host: img-s-msn-com.akamaized.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
      Source: global trafficHTTP traffic detected: GET /rules/rule702250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule702251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule702651v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule702650v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule703101v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule702901v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule703100v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule702900v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule703601v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule703600v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule703851v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule703850v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule703801v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule703800v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule703701v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule703700v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule703751v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule703750v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /tenant/amp/entityid/AA1cLbwq?w=168&h=168&q=60&m=6&f=jpg&u=t HTTP/1.1Host: img-s-msn-com.akamaized.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: */*Origin: https://ntp.msn.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
      Source: global trafficHTTP traffic detected: GET /rules/rule701301v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule701300v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule704051v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule704050v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /tenant/amp/entityid/AA1sFuPI?w=168&h=168&q=60&m=6&f=jpg&u=t HTTP/1.1Host: img-s-msn-com.akamaized.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: */*Origin: https://ntp.msn.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
      Source: global trafficHTTP traffic detected: GET /rules/rule701701v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule701700v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule702050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule702051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule700701v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /tenant/amp/entityid/AAAAWUx?w=168&h=168&q=60&m=6&f=jpg&u=t HTTP/1.1Host: img-s-msn-com.akamaized.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: */*Origin: https://ntp.msn.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
      Source: global trafficHTTP traffic detected: GET /rules/rule700700v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule700551v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule700550v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule703651v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /tenant/amp/entityid/AAtK5aP?w=168&h=168&q=60&m=6&f=jpg&u=t HTTP/1.1Host: img-s-msn-com.akamaized.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: */*Origin: https://ntp.msn.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
      Source: global trafficHTTP traffic detected: GET /rules/rule703650v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule700601v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule700600v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /tenant/amp/entityid/BB18CMuA?w=168&h=168&q=60&m=6&f=jpg&u=t HTTP/1.1Host: img-s-msn-com.akamaized.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: */*Origin: https://ntp.msn.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
      Source: global trafficHTTP traffic detected: GET /rules/rule703151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule703150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule703951v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule703950v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule702851v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule702850v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule700001v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule700000v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule701401v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule701400v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule701951v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule701950v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule700851v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule700850v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule701851v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule701850v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule703051v3s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule703050v3s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule700101v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule702100v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule702101v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule700100v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule700951v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule700950v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule703550v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule703551v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule700451v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule702701v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule702700v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule701901v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule700450v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule701900v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule704001v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule704000v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule703251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule703250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule702401v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule702400v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule701551v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule701550v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule700301v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule700300v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule702001v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule702000v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule702601v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule702600v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule703201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule703200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule700251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule700250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule700651v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule700650v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule703301v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: file.exe, 00000002.00000002.3005777212.00000280794C0000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: - https://www.facebook.com/groups/ equals www.facebook.com (Facebook)
      Source: file.exe, 00000002.00000002.3005777212.00000280794C0000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: d- https://www.facebook.com/groups/ equals www.facebook.com (Facebook)
      Source: global trafficDNS traffic detected: DNS query: api.myip.com
      Source: global trafficDNS traffic detected: DNS query: www.google.com
      Source: global trafficDNS traffic detected: DNS query: chrome.cloudflare-dns.com
      Source: global trafficDNS traffic detected: DNS query: ntp.msn.com
      Source: global trafficDNS traffic detected: DNS query: api.telegram.org
      Source: global trafficDNS traffic detected: DNS query: bzib.nelreports.net
      Source: global trafficDNS traffic detected: DNS query: clients2.googleusercontent.com
      Source: unknownHTTP traffic detected: POST /dns-query HTTP/1.1Host: chrome.cloudflare-dns.comConnection: keep-aliveContent-Length: 128Accept: application/dns-messageAccept-Language: *User-Agent: ChromeAccept-Encoding: identityContent-Type: application/dns-message
      Source: file.exe, 00000002.00000002.3008204696.0000028079DE0000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://.../back.jpeg
      Source: file.exe, 00000002.00000003.2970747028.0000028078DE5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2920262906.0000028078BEC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2957029424.0000028078C4A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.3006928419.000002807977F000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2956954575.00000280786A2000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2967502051.0000028078C4D000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2925477405.0000028078B5E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2624856475.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2942418424.0000028078BB1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2969140891.0000028079771000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2940389920.0000028078B77000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2947582504.0000028078C45000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2918098604.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2935859618.0000028078674000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2942167226.0000028078688000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2954505705.000002807975E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2970865529.0000028078BB7000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2919339974.0000028078657000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2922806906.0000028078C29000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2948930593.0000028078C49000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2924643855.0000028078C3E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://blog.cryptographyengineering.com/2012/05/how-to-choose-authenticated-encryption.html
      Source: file.exe, 00000000.00000003.2051023726.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2049466267.000001B657026000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.dig
      Source: file.exe, 00000000.00000003.2051023726.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2049466267.000001B657026000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digD
      Source: file.exe, 00000000.00000003.2068182140.000001B657028000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2051186811.000001B657026000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digi
      Source: file.exe, 00000000.00000003.2068182140.000001B657028000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digiC
      Source: file.exe, 00000000.00000003.2051186811.000001B657026000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digiD
      Source: file.exe, 00000000.00000003.2066153282.000001B657028000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2049853083.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2055070088.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2049994867.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050810113.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2052833165.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2068182140.000001B657028000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2054893062.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050892723.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2051186811.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2051023726.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2052833165.000001B65702E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2057795054.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2049466267.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050145976.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2055386127.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050713108.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2060453259.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050624895.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050255451.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2049580462.000001B657026000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0E
      Source: file.exe, 00000000.00000003.2066153282.000001B657028000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2049853083.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2055070088.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2049994867.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050810113.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2068182140.000001B657028000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2054893062.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050892723.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2051186811.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2051023726.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2052833165.000001B65702E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2057795054.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2049466267.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050145976.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2055386127.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050713108.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2060453259.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050624895.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050255451.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2049580462.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2051328230.000001B657026000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crt0
      Source: file.exe, 00000000.00000003.2066153282.000001B657028000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2049853083.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2055070088.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2049994867.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050810113.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2052833165.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2068182140.000001B657028000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2054893062.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050892723.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2051186811.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2051023726.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2057795054.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2049466267.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050145976.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2055386127.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050713108.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2060453259.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050624895.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050255451.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2049580462.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2051328230.000001B657026000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crt0
      Source: file.exe, 00000000.00000003.2066153282.000001B657028000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2049853083.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2055070088.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2049994867.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050810113.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2052833165.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2068182140.000001B657028000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2054893062.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050892723.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2051186811.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2051023726.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2052833165.000001B65702E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2057795054.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2049466267.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050145976.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2055386127.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050713108.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2060453259.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050624895.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050255451.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2049580462.000001B657026000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedRootG4.crt0C
      Source: file.exe, 00000002.00000003.2927870942.0000028078A70000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2920262906.0000028078BEC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2967502051.0000028078C54000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2624856475.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2940496811.0000028078C52000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2918098604.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2922806906.0000028078C29000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.3003616548.0000028078C54000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2924643855.0000028078C3E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://code.activestate.com/recipes/577452-a-memoize-decorator-for-instance-methods/
      Source: file.exe, 00000002.00000002.2999679595.0000028078684000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2947843856.0000028078683000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2088922541.0000028078BA9000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2935859618.0000028078674000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2919339974.0000028078657000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2089297635.0000028078B70000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2088989051.0000028078BEC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2979343421.0000028078684000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://code.activestate.com/recipes/577916/
      Source: file.exe, 00000002.00000003.2943572478.00000280796CB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2924189361.0000028078E06000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2948036554.0000028078E1D000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2943784858.0000028078E10000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.3004665186.0000028078E1E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.certigna.fr/certignarootca.crl01
      Source: file.exe, 00000002.00000003.2950504663.0000028078C05000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2920262906.0000028078BEC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2941674210.0000028078484000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2953980340.0000028078484000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2940150161.0000028078C03000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2955857645.0000028078C0B000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2624856475.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2986479235.0000028078C14000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2924572956.0000028078BFC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2927410534.0000028078450000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2939232054.0000028078BFD000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2983010168.000002807848A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2970630634.0000028078486000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2918098604.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2957491357.0000028078484000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2921237608.000002807844F000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2955257125.0000028078C05000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2976193634.0000028078486000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.2998668394.000002807848A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2967677257.0000028078484000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.comodoca.com/AAACertificateServices.crl06
      Source: file.exe, 00000002.00000003.2920262906.0000028078BEC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2925477405.0000028078B5E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2624856475.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2942418424.0000028078BB1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2940496811.0000028078C52000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2940389920.0000028078B77000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2918098604.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2943379909.0000028078C82000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2956194135.0000028078BC0000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2922806906.0000028078C29000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2924643855.0000028078C3E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2940612084.0000028078C65000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.comodoca.com/COMODOCertificationAuthority.crl
      Source: file.exe, 00000002.00000003.2925477405.0000028078B5E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2624856475.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2942418424.0000028078BB1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2940389920.0000028078B77000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2918098604.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2956194135.0000028078BC0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.comodoca.com/COMODOCertificationAuthority.crle
      Source: file.exe, 00000002.00000003.2943572478.00000280796CB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2924189361.0000028078E06000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2948036554.0000028078E1D000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2943784858.0000028078E10000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.3004665186.0000028078E1E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.dhimyotis.com/certignarootca.crl
      Source: file.exe, 00000002.00000003.2943572478.00000280796CB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.dhimyotis.com/certignarootca.crl86
      Source: file.exe, 00000002.00000003.2940612084.0000028078C65000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.securetrust.com/SGCA.crl
      Source: file.exe, 00000002.00000003.2920262906.0000028078BEC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2624856475.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2940496811.0000028078C52000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2945390495.0000028078CA2000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2918098604.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2943379909.0000028078C82000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2922806906.0000028078C29000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2956861154.0000028078CB0000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2924643855.0000028078C3E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2940612084.0000028078C65000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.securetrust.com/SGCA.crl0
      Source: file.exe, 00000002.00000003.2920262906.0000028078BEC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2624856475.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2994065811.0000028078C78000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2940496811.0000028078C52000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2918098604.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2987056856.0000028078C67000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2922806906.0000028078C29000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2924643855.0000028078C3E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2993507959.0000028078C72000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2940612084.0000028078C65000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.securetrust.com/STCA.crl
      Source: file.exe, 00000002.00000003.2920262906.0000028078BEC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2624856475.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2940496811.0000028078C52000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2945390495.0000028078CA2000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2918098604.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2943379909.0000028078C82000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2922806906.0000028078C29000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2956861154.0000028078CB0000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2924643855.0000028078C3E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2940612084.0000028078C65000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.securetrust.com/STCA.crl0
      Source: file.exe, 00000002.00000003.2920262906.0000028078BEC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2624856475.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2994065811.0000028078C78000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2940496811.0000028078C52000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2918098604.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2987056856.0000028078C67000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2922806906.0000028078C29000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2924643855.0000028078C3E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2993507959.0000028078C72000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2940612084.0000028078C65000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.securetrust.com/STCA.crlL4
      Source: file.exe, 00000002.00000003.2920262906.0000028078BEC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2624856475.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2994065811.0000028078C78000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2940496811.0000028078C52000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2918098604.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2987056856.0000028078C67000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2922806906.0000028078C29000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2924643855.0000028078C3E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2993507959.0000028078C72000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2940612084.0000028078C65000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.xrampsecurity.com/XGCA.crl
      Source: file.exe, 00000002.00000003.2950504663.0000028078C05000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2920262906.0000028078BEC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2940150161.0000028078C03000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2955857645.0000028078C0B000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2624856475.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2986479235.0000028078C14000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2924572956.0000028078BFC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2939232054.0000028078BFD000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2918098604.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2955257125.0000028078C05000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.xrampsecurity.com/XGCA.crl0
      Source: file.exe, 00000000.00000003.2066153282.000001B657028000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2049853083.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2055070088.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2049994867.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050810113.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2052833165.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2068182140.000001B657028000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2054893062.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050892723.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2051186811.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2051023726.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2052833165.000001B65702E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2057795054.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2049466267.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050145976.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2055386127.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050713108.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2060453259.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050624895.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050255451.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2049580462.000001B657026000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0
      Source: file.exe, 00000000.00000003.2066153282.000001B657028000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2049853083.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2055070088.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2049994867.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050810113.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2068182140.000001B657028000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2054893062.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050892723.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2051186811.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2051023726.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2052833165.000001B65702E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2057795054.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2049466267.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050145976.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2055386127.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050713108.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2060453259.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050624895.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050255451.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2049580462.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2051328230.000001B657026000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crl0S
      Source: file.exe, 00000000.00000003.2066153282.000001B657028000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2049853083.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2055070088.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2049994867.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050810113.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2052833165.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2068182140.000001B657028000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2054893062.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050892723.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2051186811.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2051023726.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2057795054.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2049466267.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050145976.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2055386127.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050713108.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2060453259.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050624895.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050255451.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2049580462.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2051328230.000001B657026000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crl0
      Source: file.exe, 00000000.00000003.2051328230.000001B657026000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertTrustedRootG4.crl0
      Source: file.exe, 00000000.00000003.2066153282.000001B657028000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2049853083.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2055070088.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2049994867.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050810113.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2068182140.000001B657028000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2054893062.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050892723.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2051186811.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2051023726.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2052833165.000001B65702E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2057795054.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2049466267.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050145976.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2055386127.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050713108.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2060453259.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050624895.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050255451.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2049580462.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2051328230.000001B657026000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl4.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crl0
      Source: file.exe, 00000002.00000003.2920262906.0000028078BEC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2957029424.0000028078C4A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2967502051.0000028078C4D000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2925477405.0000028078B5E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2624856475.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2942418424.0000028078BB1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2940389920.0000028078B77000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2947582504.0000028078C45000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2918098604.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2970865529.0000028078BB7000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2922806906.0000028078C29000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2948930593.0000028078C49000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2924643855.0000028078C3E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://csrc.nist.gov/groups/ST/toolkit/BCM/documents/proposedmodes/eax/eax-spec.pdf
      Source: file.exe, 00000002.00000003.2967864414.0000028079754000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2969140891.000002807975A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://csrc.nist.gov/publications/nistpub
      Source: file.exe, 00000002.00000003.2969140891.0000028079771000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2954505705.000002807975E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://csrc.nist.gov/publications/nistpubs/800-38C/SP800-38C.pdf
      Source: file.exe, 00000002.00000003.2970747028.0000028078DE5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2956954575.00000280786A2000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2935859618.0000028078674000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2942167226.0000028078688000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2919339974.0000028078657000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2955175325.000002807868E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://csrc.nist.gov/publications/nistpubs/800-38D/SP-800-38D.pdf
      Source: file.exe, 00000002.00000002.3005624267.00000280793C0000.00000004.00001000.00020000.00000000.sdmp, file.exe, 00000002.00000003.2920262906.0000028078BEC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2938789624.0000028078CD7000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2925334145.0000028078CD6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2624856475.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2972101717.0000028078BE8000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2918098604.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.3008575604.0000028079F10000.00000004.00001000.00020000.00000000.sdmp, file.exe, 00000002.00000003.2923073774.0000028078BE5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.3005777212.00000280794C0000.00000004.00001000.00020000.00000000.sdmp, file.exe, 00000002.00000002.3008204696.0000028079DE0000.00000004.00001000.00020000.00000000.sdmp, file.exe, 00000002.00000003.2970218047.0000028078CD7000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2922806906.0000028078C29000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2924643855.0000028078C3E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf
      Source: file.exe, 00000002.00000002.3008204696.0000028079DE0000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://curl.haxx.se/rfc/cookie_spec.html
      Source: file.exe, 00000002.00000002.3004988663.0000028078F50000.00000004.00001000.00020000.00000000.sdmp, file.exe, 00000002.00000003.2089297635.0000028078B70000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://docs.python.org/library/itertools.html#recipes
      Source: file.exe, 00000002.00000002.3004988663.0000028078F50000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://foo/bar.tar.gz
      Source: file.exe, 00000002.00000002.3004988663.0000028078F50000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://foo/bar.tgz
      Source: file.exe, 00000002.00000003.2624856475.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2955945589.0000028078D9B000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2966283089.0000028078D9B000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2923129150.0000028078D98000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2918098604.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2919978058.0000028078D89000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2984276983.0000028078D9B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://google.com/
      Source: file.exe, 00000002.00000003.2624856475.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2955945589.0000028078D94000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2918098604.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2937410297.0000028078D8A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2919978058.0000028078D89000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://google.com/mail/
      Source: file.exe, 00000002.00000003.2920262906.0000028078BEC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2925477405.0000028078B5E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2624856475.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2942418424.0000028078BB1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2927525523.0000028078D49000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2940389920.0000028078B77000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2918098604.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2967054109.0000028078D47000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2920441166.0000028078D09000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2955692629.0000028078D33000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2945133580.0000028078BC7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://hg.python.org/cpython/file/603b4d593758/Lib/socket.py#l535
      Source: file.exe, 00000002.00000003.2924189361.0000028078E06000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2948036554.0000028078E1D000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2943784858.0000028078E10000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.accv.es
      Source: file.exe, 00000002.00000003.2924189361.0000028078E06000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2948036554.0000028078E1D000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2943784858.0000028078E10000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2994335456.0000028078E23000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.accv.es0
      Source: file.exe, 00000000.00000003.2066153282.000001B657028000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2049853083.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2055070088.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2049994867.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050810113.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2068182140.000001B657028000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2054893062.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050892723.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2051186811.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2051023726.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2052833165.000001B65702E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2057795054.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2049466267.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050145976.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2055386127.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050713108.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2060453259.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050624895.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050255451.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2049580462.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2051328230.000001B657026000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0
      Source: file.exe, 00000000.00000003.2066153282.000001B657028000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2049853083.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2055070088.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2049994867.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050810113.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2052833165.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2068182140.000001B657028000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2054893062.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050892723.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2051186811.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2051023726.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2052833165.000001B65702E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2057795054.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2049466267.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050145976.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2055386127.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050713108.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2060453259.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050624895.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050255451.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2049580462.000001B657026000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0A
      Source: file.exe, 00000000.00000003.2066153282.000001B657028000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2049853083.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2055070088.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2049994867.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050810113.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2052833165.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2068182140.000001B657028000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2054893062.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050892723.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2051186811.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2051023726.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2052833165.000001B65702E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2057795054.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2049466267.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050145976.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2055386127.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050713108.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2060453259.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050624895.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050255451.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2049580462.000001B657026000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0C
      Source: file.exe, 00000000.00000003.2066153282.000001B657028000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2049853083.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2055070088.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2049994867.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050810113.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2052833165.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2068182140.000001B657028000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2054893062.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050892723.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2051186811.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2051023726.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2057795054.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2049466267.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050145976.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2055386127.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050713108.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2060453259.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050624895.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050255451.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2049580462.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2051328230.000001B657026000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0X
      Source: file.exe, 00000002.00000003.2087222250.0000028078692000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2087521297.00000280786D5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.3004988663.0000028078F50000.00000004.00001000.00020000.00000000.sdmp, file.exe, 00000002.00000002.3004852665.0000028078E50000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://opensource.apple.com/source/CF/CF-744.18/CFBinaryPList.c
      Source: file.exe, 00000002.00000003.2920262906.0000028078BEC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2925477405.0000028078B5E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2624856475.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2942418424.0000028078BB1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2940496811.0000028078C52000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2940389920.0000028078B77000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2918098604.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2943379909.0000028078C82000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2970865529.0000028078BB7000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2922806906.0000028078C29000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2924643855.0000028078C3E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2940612084.0000028078C65000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://repository.swisssign.com/
      Source: file.exe, 00000002.00000003.2920262906.0000028078BEC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2977476568.0000028078D82000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2624856475.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2927525523.0000028078D49000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2968975475.0000028078D81000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2918098604.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2955340274.0000028078D77000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2920441166.0000028078D09000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2938319467.0000028078D4C000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2965839511.0000028078D81000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2954333259.0000028078D70000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://repository.swisssign.com/H
      Source: file.exe, 00000002.00000003.2920262906.0000028078BEC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2624856475.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2940496811.0000028078C52000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2918098604.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2943379909.0000028078C82000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2922806906.0000028078C29000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2924643855.0000028078C3E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2940612084.0000028078C65000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://repository.swisssign.com/n
      Source: file.exe, 00000002.00000003.2920262906.0000028078BEC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2624856475.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2943116825.00000280797CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.3007157912.00000280797CF000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2940496811.0000028078C52000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2945390495.0000028078CA2000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2968601368.00000280797CE000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2918098604.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2943379909.0000028078C82000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2922806906.0000028078C29000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2966083261.0000028078CA8000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2991742208.00000280797CF000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2924643855.0000028078C3E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2940612084.0000028078C65000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://tools.ietf.org/html/draft-hixie-thewebsocketprotocol-76
      Source: file.exe, 00000002.00000003.2624856475.0000028078A81000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2920071366.0000028078AA7000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2949420145.0000028078ABA000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2938022843.0000028078ABA000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2624856475.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2925903020.0000028078AB9000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2955945589.0000028078D9B000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2966283089.0000028078D9B000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2923129150.0000028078D98000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2918098604.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2995376930.0000028078ABA000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2919065357.0000028078A7D000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2919978058.0000028078D89000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2984276983.0000028078D9B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://tools.ietf.org/html/rfc4880
      Source: file.exe, 00000002.00000002.3008929502.000002807A1CC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://tools.ietf.org/html/rfc5234
      Source: file.exe, 00000002.00000003.2970432547.000002807973C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://tools.ietf.org/html/rfc5869
      Source: file.exe, 00000002.00000002.3005777212.00000280794C0000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://tools.ietf.org/html/rfc6125#section-6.4.3
      Source: file.exe, 00000002.00000002.3008929502.000002807A1CC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://tools.ietf.org/html/rfc6455#section-5.2
      Source: file.exe, 00000002.00000003.2967311944.000002807978C000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2968445568.0000028079784000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2954505705.000002807975E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://web.cs.ucdavis.edu/~rogaway/ocb/license.htm
      Source: file.exe, 00000002.00000003.2924189361.0000028078E06000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2948036554.0000028078E1D000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2943784858.0000028078E10000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2994335456.0000028078E23000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.accv.es/fileadmin/Archivos/certificados/raizaccv1.crt0
      Source: file.exe, 00000002.00000003.2940612084.0000028078C65000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.accv.es/fileadmin/Archivos/certificados/raizaccv1_der.crl
      Source: file.exe, 00000002.00000003.2924189361.0000028078E06000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2948036554.0000028078E1D000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2943784858.0000028078E10000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2994335456.0000028078E23000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.accv.es/fileadmin/Archivos/certificados/raizaccv1_der.crl0
      Source: file.exe, 00000002.00000003.2920262906.0000028078BEC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2624856475.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2940496811.0000028078C52000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2945390495.0000028078CA2000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2918098604.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2943379909.0000028078C82000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2922806906.0000028078C29000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2924643855.0000028078C3E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2940612084.0000028078C65000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.accv.es/legislacion_c.htm
      Source: file.exe, 00000002.00000003.2924189361.0000028078E06000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2948036554.0000028078E1D000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2943784858.0000028078E10000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2994335456.0000028078E23000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.accv.es/legislacion_c.htm0U
      Source: file.exe, 00000002.00000003.2920262906.0000028078BEC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2624856475.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2924189361.0000028078E06000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2948036554.0000028078E1D000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2940496811.0000028078C52000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2945390495.0000028078CA2000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2918098604.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2943784858.0000028078E10000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2943379909.0000028078C82000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2994335456.0000028078E23000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2922806906.0000028078C29000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2924643855.0000028078C3E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2940612084.0000028078C65000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.accv.es00
      Source: file.exe, 00000000.00000003.2060794506.000001B657026000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.apache.org/licenses/
      Source: file.exe, 00000000.00000003.2060794506.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2061961962.000001B657035000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2060794506.000001B657034000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2920262906.0000028078BEC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.3006928419.000002807977F000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2923203666.00000280797D9000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2624856475.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.3004135062.0000028078D0A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2969140891.0000028079771000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2918098604.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2954505705.000002807975E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2920441166.0000028078D09000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2971135050.0000028078D0A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.3007229444.00000280797DC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2937028342.00000280797DC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0
      Source: file.exe, 00000002.00000002.3004852665.0000028078E50000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://www.apple.com/DTDs/PropertyList-1.0.dtd
      Source: file.exe, 00000002.00000003.2624856475.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2924189361.0000028078E06000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2955945589.0000028078D94000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2918098604.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2943784858.0000028078E10000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2946025848.0000028078E3A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2937410297.0000028078D8A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2919978058.0000028078D89000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.cert.fnmt.es/dpcs/
      Source: file.exe, 00000002.00000003.2924189361.0000028078E06000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2943784858.0000028078E10000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2946025848.0000028078E3A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.cert.fnmt.es/dpcs/N
      Source: file.exe, 00000002.00000002.3006928419.000002807977F000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2969140891.0000028079771000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2954505705.000002807975E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.cs.ucdavis.edu/~rogaway/papers/keywrap.pdf
      Source: file.exe, 00000000.00000003.2066153282.000001B657028000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2049853083.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2055070088.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2049994867.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050810113.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2068182140.000001B657028000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2054893062.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050892723.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2051186811.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2051023726.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2052833165.000001B65702E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2057795054.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2049466267.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050145976.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2055386127.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050713108.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2060453259.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050624895.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2050255451.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2049580462.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2051328230.000001B657026000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.digicert.com/CPS0
      Source: file.exe, 00000002.00000003.2948395971.00000280796E9000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2920262906.0000028078BEC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2938789624.0000028078CD7000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2943572478.00000280796CB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2925334145.0000028078CD6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2624856475.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2918098604.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.3006138521.00000280796EA000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2946193792.00000280796E4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2951564795.00000280796EA000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2970218047.0000028078CD7000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2922806906.0000028078C29000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2924643855.0000028078C3E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.firmaprofesional.com/cps0
      Source: file.exe, 00000002.00000003.2920262906.0000028078BEC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2624856475.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2940496811.0000028078C52000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2918098604.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2922806906.0000028078C29000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2924643855.0000028078C3E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2940612084.0000028078C65000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.iana.org/assignments/tls-parameters/tls-parameters.xml#tls-parameters-6
      Source: file.exe, 00000002.00000003.2920262906.0000028078BEC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2624856475.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2940496811.0000028078C52000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2918098604.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2987056856.0000028078C67000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2922806906.0000028078C29000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2924643855.0000028078C3E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2993507959.0000028078C72000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2940612084.0000028078C65000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.quovadisglobal.com/cps
      Source: file.exe, 00000002.00000003.2920262906.0000028078BEC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2940150161.0000028078C03000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2942587047.0000028078C21000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2624856475.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2924572956.0000028078BFC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2939232054.0000028078BFD000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2995775862.0000028078C22000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2918098604.0000028078B13000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.quovadisglobal.com/cps0
      Source: file.exe, 00000002.00000003.2920262906.0000028078BEC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2624856475.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2940496811.0000028078C52000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2918098604.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2987056856.0000028078C67000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2922806906.0000028078C29000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2924643855.0000028078C3E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2993507959.0000028078C72000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2940612084.0000028078C65000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.quovadisglobal.com/cpsI
      Source: file.exe, 00000002.00000003.2967311944.000002807978C000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2968445568.0000028079784000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2954505705.000002807975E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.rfc-editor.org/info/rfc7253
      Source: file.exe, 00000002.00000003.2968445568.0000028079784000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2954505705.000002807975E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.tarsnap.com/scrypt/scrypt-slides.pdf
      Source: file.exe, 00000002.00000003.2994471117.0000028078DA2000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2624856475.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2923129150.0000028078D98000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2918098604.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2984276983.0000028078DA2000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2919978058.0000028078D89000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2924490998.0000028078DA0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://wwwsearch.sf.net/):
      Source: file.exe, 00000002.00000002.3005777212.00000280794C0000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://api.myip.com
      Source: file.exe, 00000002.00000002.3009697250.000002807A230000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://api.myip.com/
      Source: file.exe, 00000002.00000002.3009697250.000002807A230000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://api.myip.com/0
      Source: file.exe, 00000002.00000002.3005777212.00000280794C0000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://api.telegram.org/bot
      Source: file.exe, 00000002.00000002.3008929502.000002807A1CC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://api.telegram.org/bot7027613045:AAGX3rPO-1UHB195if6JIXakjYPoomnXXuU/sendDocument
      Source: file.exe, 00000002.00000002.3009697250.000002807A258000.00000004.00001000.00020000.00000000.sdmp, file.exe, 00000002.00000002.3009697250.000002807A230000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://api.telegram.org/bot7027613045:AAGX3rPO-1UHB195if6JIXakjYPoomnXXuU/sendDocument0
      Source: file.exe, 00000002.00000002.3009697250.000002807A26C000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://api.telegram.org/bot7027613045:AAGX3rPO-1UHB195if6JIXakjYPoomnXXuU/sendDocument?chat_id=8095
      Source: file.exe, 00000002.00000002.3008575604.0000028079FE4000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://api.telegram.org/bot7027613045:aagx3rpo-1uhb195if6jixakjypoomnxxuu/senddocument?chat_id=8095
      Source: file.exe, 00000000.00000003.2061046846.000001B657026000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://blog.jaraco.com/skeleton
      Source: file.exe, 00000002.00000002.3005414653.00000280792C0000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://bugs.python.org/issue44497.
      Source: chrome.exe, 00000014.00000002.2434372748.00001B6C00060000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod
      Source: file.exe, 00000002.00000003.2941674210.0000028078484000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2953980340.0000028078484000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2975821575.000002807848C000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2927410534.0000028078450000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2970630634.0000028078486000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2957491357.0000028078484000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2921237608.000002807844F000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2967677257.0000028078484000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://docs.python.org/3.11/library/binascii.html#binascii.a2b_base64
      Source: file.exe, 00000002.00000002.2997772039.00000280780D0000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://docs.python.org/3/library/importlib.html#importlib.abc.ExecutionLoader.get_filename
      Source: file.exe, 00000002.00000002.2997772039.00000280780D0000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://docs.python.org/3/library/importlib.html#importlib.abc.InspectLoader.get_code
      Source: file.exe, 00000002.00000002.2997772039.0000028078154000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://docs.python.org/3/library/importlib.html#importlib.abc.InspectLoader.get_source
      Source: file.exe, 00000002.00000002.2997772039.00000280780D0000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://docs.python.org/3/library/importlib.html#importlib.abc.InspectLoader.is_package
      Source: file.exe, 00000002.00000002.2997772039.0000028078154000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://docs.python.org/3/library/importlib.html#importlib.abc.Loader.create_module
      Source: file.exe, 00000002.00000002.2997772039.00000280780D0000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://docs.python.org/3/library/importlib.html#importlib.abc.Loader.exec_module
      Source: file.exe, 00000002.00000002.2997772039.00000280780D0000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://docs.python.org/3/library/importlib.html#importlib.abc.MetaPathFinder.invalidate_caches
      Source: file.exe, 00000002.00000002.2997772039.00000280780D0000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://docs.python.org/3/library/importlib.html#importlib.abc.PathEntryFinder.find_spec
      Source: file.exe, 00000002.00000003.2945873570.0000028078450000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2937843385.0000028078450000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2927410534.0000028078450000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2075228114.0000028078450000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2983440000.0000028078450000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2921237608.000002807844F000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2074489663.0000028078450000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://docs.python.org/3/library/importlib.html#importlib.abc.ResourceLoader.get_data
      Source: file.exe, 00000000.00000003.2061046846.000001B657026000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://docs.python.org/3/library/importlib.metadata.html
      Source: file.exe, 00000002.00000003.2624856475.0000028078A81000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2920071366.0000028078AA7000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.3001856262.0000028078AAB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2919065357.0000028078A7D000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2945240770.0000028078AA9000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2949420145.0000028078AAB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2982495501.0000028078AAB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://docs.python.org/3/library/multiprocessing.html
      Source: file.exe, 00000000.00000003.2061046846.000001B657026000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://docs.python.org/3/reference/import.html#finders-and-loaders
      Source: file.exe, 00000002.00000002.3005777212.00000280794C0000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://foss.heptapod.net/pypy/pypy/-/issues/3539
      Source: file.exe, 00000002.00000002.3004988663.0000028078F50000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://gist.github.com/lyssdod/f51579ae8d93c8657a5564aefc2ffbca
      Source: file.exe, 00000002.00000003.2966708695.000002807865B000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2951884397.000002807865B000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2919339974.0000028078657000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2946274450.000002807865B000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2971294119.000002807865B000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2983768480.000002807865B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://github.com/Ousret/charset_normalizer
      Source: file.exe, 00000002.00000003.2925196583.0000028076898000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.2998285301.0000028078430000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2976813530.000002807689E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2927768539.0000028078421000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.2997295809.00000280768A2000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2984735484.00000280768A2000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2942254304.000002807842F000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2992798624.0000028078430000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2978938805.00000280768A2000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2952044076.000002807689A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://github.com/Unidata/MetPy/blob/a3424de66a44bf3a92b0dcacf4dff82ad7b86712/src/metpy/plots/wx_sy
      Source: file.exe, 00000000.00000003.2061046846.000001B657026000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://github.com/astral-sh/ruff
      Source: file.exe, 00000002.00000002.3005125638.0000028079070000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://github.com/jaraco/jaraco.functools/issues/5
      Source: file.exe, file.exe, 00000002.00000002.3022430067.00007FF8B27CF000.00000002.00000001.01000000.0000002B.sdmp, file.exe, 00000002.00000002.3022078909.00007FF8B0562000.00000002.00000001.01000000.0000002C.sdmpString found in binary or memory: https://github.com/mhammond/pywin32
      Source: file.exe, 00000002.00000002.3005258751.0000028079190000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://github.com/platformdirs/platformdirs
      Source: file.exe, 00000002.00000002.3008204696.0000028079DE0000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://github.com/psf/requests/pull/6710
      Source: file.exe, 00000002.00000002.3004988663.0000028078F50000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://github.com/pypa/packaging
      Source: file.exe, 00000002.00000002.3005414653.00000280792C0000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://github.com/pypa/setuptools/issues/1024.
      Source: file.exe, 00000002.00000002.3005414653.00000280792C0000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://github.com/pypa/setuptools/issues/417#issuecomment-392298401
      Source: file.exe, 00000002.00000002.3005258751.0000028079190000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://github.com/pypa/setuptools/issues/new?template=distutils-deprecation.yml
      Source: file.exe, 00000002.00000002.3005258751.0000028079190000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://github.com/pypa/setuptools/issues/new?template=distutils-deprecation.yml0
      Source: file.exe, 00000002.00000002.2997772039.0000028078154000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://github.com/python/cpython/blob/3.9/Lib/importlib/_bootstrap_external.py#L679-L688
      Source: file.exe, 00000002.00000003.2952044076.000002807689A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://github.com/python/cpython/blob/839d7893943782ee803536a47f1d4de160314f85/Lib/importlib/abc.py
      Source: file.exe, 00000002.00000003.2925196583.0000028076898000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.2998285301.0000028078430000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2976813530.000002807689E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2927768539.0000028078421000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.2997295809.00000280768A2000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2984735484.00000280768A2000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2942254304.000002807842F000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2992798624.0000028078430000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2978938805.00000280768A2000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2952044076.000002807689A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://github.com/python/cpython/blob/839d7893943782ee803536a47f1d4de160314f85/Lib/importlib/reader
      Source: file.exe, 00000002.00000003.2089034797.000002807872A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2952691835.00000280787C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2921409846.000002807873B000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2919339974.000002807873B000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2938251826.00000280787A8000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2085576892.0000028078B20000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2922715807.000002807879F000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2935447121.00000280787A6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2086428430.0000028078734000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2088220764.000002807872A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2085917419.000002807872A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2626419415.000002807873B000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2087521297.000002807872A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://github.com/python/cpython/issues/86361.
      Source: file.exe, 00000000.00000003.2061046846.000001B657026000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://github.com/python/importlib_metadata
      Source: file.exe, 00000000.00000003.2061046846.000001B657026000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://github.com/python/importlib_metadata/actions/workflows/main.yml/badge.svg
      Source: file.exe, 00000000.00000003.2061046846.000001B657026000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://github.com/python/importlib_metadata/actions?query=workflow%3A%22tests%22
      Source: file.exe, 00000000.00000003.2061046846.000001B657026000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://github.com/python/importlib_metadata/issues
      Source: file.exe, 00000002.00000002.3004852665.0000028078E50000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://github.com/python/importlib_metadata/wiki/Development-Methodology
      Source: file.exe, 00000002.00000003.2925196583.0000028076898000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.2998285301.0000028078430000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2976813530.000002807689E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2927768539.0000028078421000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.2997295809.00000280768A2000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2984735484.00000280768A2000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2942254304.000002807842F000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2992798624.0000028078430000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2978938805.00000280768A2000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2952044076.000002807689A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://github.com/tensorflow/datasets/blob/master/tensorflow_datasets/core/utils/resource_utils.py#
      Source: file.exe, 00000002.00000002.3005777212.00000280794C0000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://github.com/urllib3/urllib3/issues/2192#issuecomment-821832963
      Source: file.exe, 00000002.00000003.2920262906.0000028078BEC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2967502051.0000028078C54000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2624856475.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2940496811.0000028078C52000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2918098604.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2922806906.0000028078C29000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.3003616548.0000028078C54000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2924643855.0000028078C3E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://github.com/urllib3/urllib3/issues/2513#issuecomment-1152559900.
      Source: file.exe, 00000002.00000002.3005777212.00000280794C0000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://github.com/urllib3/urllib3/issues/2920
      Source: file.exe, 00000002.00000002.3005777212.00000280794C0000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://github.com/urllib3/urllib3/issues/292002Qy
      Source: file.exe, 00000002.00000002.3005777212.00000280794C0000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://github.com/urllib3/urllib3/issues/3290
      Source: file.exe, 00000002.00000002.3005777212.00000280794C0000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://github.com/urllib3/urllib3/issues/32902P
      Source: file.exe, 00000002.00000003.2950504663.0000028078C05000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2920262906.0000028078BEC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2940150161.0000028078C03000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2955857645.0000028078C0B000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2924189361.0000028078DE9000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2624856475.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.3004135062.0000028078D0A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2924572956.0000028078BFC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2939232054.0000028078BFD000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.3004473680.0000028078DEB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2918098604.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2952775591.0000028078DF4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2920441166.0000028078D09000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2971135050.0000028078D0A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2955257125.0000028078C05000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://google.com/
      Source: file.exe, 00000002.00000003.2950504663.0000028078C05000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2920262906.0000028078BEC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2940150161.0000028078C03000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2955857645.0000028078C0B000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2624856475.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.3004135062.0000028078D0A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2924572956.0000028078BFC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2939232054.0000028078BFD000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2918098604.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2920441166.0000028078D09000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2971135050.0000028078D0A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2955257125.0000028078C05000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://google.com/mail
      Source: file.exe, 00000002.00000003.2982495501.0000028078AAB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://google.com/mail/
      Source: file.exe, 00000002.00000003.2920262906.0000028078BEC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2957029424.0000028078C4A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2967502051.0000028078C4D000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2624856475.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2947582504.0000028078C45000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2918098604.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2922806906.0000028078C29000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2948930593.0000028078C49000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2924643855.0000028078C3E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://html.spec.whatwg.org/multipage/
      Source: file.exe, 00000002.00000003.2952775591.0000028078DF4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://httpbin.org/
      Source: file.exe, 00000002.00000002.3008204696.0000028079DE0000.00000004.00001000.00020000.00000000.sdmp, file.exe, 00000002.00000003.2946357956.0000028078D8B000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2922806906.0000028078C29000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2966083261.0000028078CA8000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2937410297.0000028078D8A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2919978058.0000028078D89000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2924643855.0000028078C3E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2940612084.0000028078C65000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://httpbin.org/get
      Source: file.exe, 00000002.00000003.2950504663.0000028078C05000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2920262906.0000028078BEC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2940150161.0000028078C03000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2955857645.0000028078C0B000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2624856475.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2986479235.0000028078C14000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2924572956.0000028078BFC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2939232054.0000028078BFD000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2918098604.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2955257125.0000028078C05000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://httpbin.org/post
      Source: file.exe, 00000000.00000003.2061046846.000001B657026000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://img.shields.io/badge/skeleton-2024-informational
      Source: file.exe, 00000000.00000003.2061046846.000001B657026000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://img.shields.io/endpoint?url=https://raw.githubusercontent.com/charliermarsh/ruff/main/assets
      Source: file.exe, 00000000.00000003.2061046846.000001B657026000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://img.shields.io/pypi/pyversions/importlib_metadata.svg
      Source: file.exe, 00000000.00000003.2061046846.000001B657026000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://img.shields.io/pypi/v/importlib_metadata.svg
      Source: file.exe, 00000000.00000003.2061046846.000001B657026000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://importlib-metadata.readthedocs.io/
      Source: file.exe, 00000000.00000003.2061046846.000001B657026000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://importlib-metadata.readthedocs.io/en/latest/?badge=latest
      Source: file.exe, 00000002.00000003.2940612084.0000028078C65000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://json.org
      Source: file.exe, 00000002.00000003.2624856475.0000028078A81000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2920071366.0000028078AA7000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2088922541.0000028078BA9000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2089297635.0000028078AB3000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2919065357.0000028078A7D000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2945240770.0000028078AA9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://mahler:8092/site-updates.py
      Source: file.exe, 00000002.00000003.2968445568.0000028079784000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2954505705.000002807975E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-108r1.pdf
      Source: file.exe, 00000002.00000002.3005624267.00000280793C0000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://packaging.python.org/en/latest/guides/packaging-namespace-packages/.
      Source: file.exe, 00000002.00000002.3005624267.00000280793C0000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://packaging.python.org/en/latest/specifications/core-metadata/
      Source: file.exe, 00000002.00000002.3005414653.00000280792C0000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://packaging.python.org/en/latest/specifications/core-metadata/#core-metadata
      Source: file.exe, 00000002.00000002.3005414653.00000280792C0000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://packaging.python.org/en/latest/specifications/entry-points/
      Source: file.exe, 00000002.00000003.2920262906.0000028078BEC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2624856475.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2918098604.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.3003429767.0000028078C40000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2922806906.0000028078C29000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2924643855.0000028078C3E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://packaging.python.org/en/latest/specifications/entry-points/#file-format
      Source: file.exe, 00000002.00000003.2920262906.0000028078BEC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2967502051.0000028078C54000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2624856475.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2940496811.0000028078C52000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2918098604.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2922806906.0000028078C29000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.3003616548.0000028078C54000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2924643855.0000028078C3E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://packaging.python.org/en/latest/specifications/pyproject-toml/#declaring-project-metadata-the
      Source: file.exe, 00000002.00000003.2920262906.0000028078BEC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2624856475.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2918098604.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.3003429767.0000028078C40000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2922806906.0000028078C29000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2924643855.0000028078C3E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://packaging.python.org/en/latest/specifications/recording-installed-packages/#the-record-file
      Source: file.exe, 00000002.00000002.3005414653.00000280792C0000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://packaging.python.org/specifications/entry-points/
      Source: file.exe, 00000002.00000003.2079391823.000002807879E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2083248341.000002807879E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.3001363061.0000028078850000.00000004.00001000.00020000.00000000.sdmp, file.exe, 00000002.00000003.2078432233.000002807879E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2072237303.00000280768AB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://peps.python.org/pep-0205/
      Source: file.exe, 00000002.00000002.3015838667.00007FF8A89B8000.00000002.00000001.01000000.00000004.sdmpString found in binary or memory: https://peps.python.org/pep-0263/
      Source: file.exe, 00000002.00000002.3005624267.00000280793C0000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://peps.python.org/pep-0685/
      Source: file.exe, 00000002.00000002.3005414653.00000280792C0000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://pypi.org/project/build/).
      Source: file.exe, 00000000.00000003.2061046846.000001B657026000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://pypi.org/project/importlib_metadata
      Source: file.exe, 00000000.00000003.2061046846.000001B657026000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://readthedocs.org/projects/importlib-metadata/badge/?version=latest
      Source: file.exe, 00000002.00000002.3004988663.0000028078F50000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://refspecs.linuxfoundation.org/elf/gabi4
      Source: file.exe, 00000002.00000002.3008204696.0000028079DE0000.00000004.00001000.00020000.00000000.sdmp, file.exe, 00000002.00000003.2955257125.0000028078C05000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://requests.readthedocs.io
      Source: file.exe, 00000002.00000002.3005624267.00000280793C0000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://setuptools.pypa.io/en/latest/
      Source: file.exe, 00000002.00000003.2079274441.0000028078A90000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://setuptools.pypa.io/en/latest/pkg_resources.html
      Source: file.exe, 00000002.00000003.2921089822.00000280784CB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2928732213.00000280784CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2937600595.00000280784E4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2079274441.0000028078A90000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2922493102.00000280784CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2079357369.000002807880A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://setuptools.pypa.io/en/latest/pkg_resources.html#basic-resource-access
      Source: file.exe, 00000002.00000002.3001511803.0000028078950000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://setuptools.pypa.io/en/latest/references/keywords.html#keyword-namespace-packages
      Source: file.exe, 00000002.00000002.3001511803.0000028078950000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://setuptools.pypa.io/en/latest/references/keywords.html#keyword-namespace-packages0
      Source: file.exe, 00000002.00000003.2084744511.0000028078AA7000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2083943598.0000028078A90000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2079274441.0000028078A90000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2079274441.0000028078A51000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://setuptools.pypa.io/en/latest/references/keywords.html#keyword-namespace-packagesr;
      Source: file.exe, 00000002.00000003.2084744511.0000028078AA7000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2083943598.0000028078A90000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2079274441.0000028078A90000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2079274441.0000028078A51000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://setuptools.pypa.io/en/latest/references/keywords.html#keyword-namespace-packagesr;r
      Source: file.exe, 00000000.00000003.2061046846.000001B657026000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://tidelift.com/badges/package/pypi/importlib-metadata
      Source: file.exe, 00000000.00000003.2061046846.000001B657026000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://tidelift.com/subscription/pkg/pypi-importlib-metadata?utm_source=pypi-importlib-metadata&utm
      Source: file.exe, 00000002.00000003.2920262906.0000028078BEC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2624856475.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2940496811.0000028078C52000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2945390495.0000028078CA2000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2918098604.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2943379909.0000028078C82000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2922806906.0000028078C29000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2956861154.0000028078CB0000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2924643855.0000028078C3E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2940612084.0000028078C65000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://tools.ietf.org/html/rfc2388#section-4.4
      Source: file.exe, 00000002.00000003.2969140891.0000028079771000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2954505705.000002807975E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://tools.ietf.org/html/rfc3610
      Source: file.exe, 00000002.00000002.3006928419.000002807977F000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2969140891.0000028079771000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2954505705.000002807975E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://tools.ietf.org/html/rfc5297
      Source: file.exe, 00000002.00000003.2624856475.0000028078A81000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2920071366.0000028078AA7000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2919065357.0000028078A7D000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2945240770.0000028078AA9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://tools.ietf.org/html/rfc7231#section-4.3.6)
      Source: file.exe, 00000002.00000003.2924189361.0000028078DE9000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.3004473680.0000028078DEB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2952775591.0000028078DF4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://twitter.com/
      Source: file.exe, 00000002.00000002.3005777212.00000280794C0000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#https-proxy-error-http-proxy
      Source: file.exe, 00000002.00000002.3005624267.00000280793C0000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#tls-warnings
      Source: file.exe, 00000002.00000003.2919339974.000002807873B000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2624856475.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2088922541.0000028078BA9000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2921332555.00000280787DC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2089034797.00000280787D7000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2982663617.00000280787DD000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2089297635.0000028078B70000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2088989051.0000028078BEC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2626419415.000002807873B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www-cs-faculty.stanford.edu/~knuth/fasc2a.ps.gz
      Source: file.exe, 00000002.00000003.2920262906.0000028078BEC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2624856475.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2940496811.0000028078C52000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2945390495.0000028078CA2000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2969140891.0000028079771000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2918098604.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2954505705.000002807975E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2943379909.0000028078C82000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2922806906.0000028078C29000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2966083261.0000028078CA8000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2924643855.0000028078C3E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2940612084.0000028078C65000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.ietf.org/rfc/rfc2898.txt
      Source: file.exe, 00000000.00000003.2055070088.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.3014886138.00007FF8A8594000.00000002.00000001.01000000.0000000F.sdmp, file.exe, 00000002.00000002.3020798388.00007FF8A9390000.00000002.00000001.01000000.00000013.sdmpString found in binary or memory: https://www.openssl.org/H
      Source: file.exe, 00000002.00000003.2950504663.0000028078C05000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2920262906.0000028078BEC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2940150161.0000028078C03000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2955857645.0000028078C0B000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2624856475.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2986479235.0000028078C14000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2924572956.0000028078BFC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2939232054.0000028078BFD000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2918098604.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2955257125.0000028078C05000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.python.org
      Source: file.exe, 00000002.00000003.2624856475.0000028078A81000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2920071366.0000028078AA7000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2088922541.0000028078BA9000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2089297635.0000028078AB3000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2919065357.0000028078A7D000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2945240770.0000028078AA9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.python.org/
      Source: file.exe, 00000002.00000002.3015838667.00007FF8A89B8000.00000002.00000001.01000000.00000004.sdmpString found in binary or memory: https://www.python.org/psf/license/)
      Source: file.exe, 00000002.00000003.2920262906.0000028078BEC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2624856475.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.3004135062.0000028078D0A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2918098604.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2920441166.0000028078D09000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2971135050.0000028078D0A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.rfc-editor.org/rfc/rfc8259#section-8.1
      Source: file.exe, 00000002.00000003.2953701804.0000028078E49000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://wwww.certigna.fr/autorites/
      Source: file.exe, 00000002.00000003.2924189361.0000028078E06000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2948036554.0000028078E1D000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2943784858.0000028078E10000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.3004665186.0000028078E1E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://wwww.certigna.fr/autorites/0m
      Source: file.exe, 00000002.00000003.2950504663.0000028078C05000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2920262906.0000028078BEC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2940150161.0000028078C03000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2955857645.0000028078C0B000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2624856475.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.3004135062.0000028078D0A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2924572956.0000028078BFC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2939232054.0000028078BFD000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2918098604.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2920441166.0000028078D09000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2971135050.0000028078D0A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2955257125.0000028078C05000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://yahoo.com/
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49744
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49865
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49986
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49743
      Source: unknownNetwork traffic detected: HTTP traffic on port 49817 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49864
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49985
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49863
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49984
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49862
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49740
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49981
      Source: unknownNetwork traffic detected: HTTP traffic on port 49932 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49898 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49875 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49852 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49990 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49739
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49738
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49737
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49979
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49978
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49977
      Source: unknownNetwork traffic detected: HTTP traffic on port 49772 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49976
      Source: unknownNetwork traffic detected: HTTP traffic on port 49841 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49975
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49853
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49974
      Source: unknownNetwork traffic detected: HTTP traffic on port 50085 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49852
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49973
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49730
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49851
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49972
      Source: unknownNetwork traffic detected: HTTP traffic on port 50039 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49850
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49971
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49970
      Source: unknownNetwork traffic detected: HTTP traffic on port 49703 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49967 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49784 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50074 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50107 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50004 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49909 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49729
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49728
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49849
      Source: unknownNetwork traffic detected: HTTP traffic on port 49714 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49727
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49848
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49969
      Source: unknownNetwork traffic detected: HTTP traffic on port 49978 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49726
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49968
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49725
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49846
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49967
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49845
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49724
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49966
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49723
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49844
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49965
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49722
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49843
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49964
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49721
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49842
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49963
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49841
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49962
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49961
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49960
      Source: unknownNetwork traffic detected: HTTP traffic on port 50015 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50040 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49966 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49989 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49748 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50096 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49828 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50108 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50073 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49933 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50028 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49805 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49718
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49839
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49838
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49717
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49959
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49716
      Source: unknownNetwork traffic detected: HTTP traffic on port 49715 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49837
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49958
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49715
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49836
      Source: unknownNetwork traffic detected: HTTP traffic on port 49921 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49957
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49714
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49835
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49956
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49834
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49955
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49954
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49832
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49953
      Source: unknownNetwork traffic detected: HTTP traffic on port 50062 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49710
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49831
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49952
      Source: unknownNetwork traffic detected: HTTP traffic on port 50119 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49830
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49951
      Source: unknownNetwork traffic detected: HTTP traffic on port 49839 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49864 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49950
      Source: unknownNetwork traffic detected: HTTP traffic on port 49944 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49726 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49910 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49853 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50051 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49955 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49829
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49828
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49706
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49948
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49705
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49826
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49947
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49825
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49946
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49703
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49824
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49945
      Source: unknownNetwork traffic detected: HTTP traffic on port 49737 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49823
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49944
      Source: unknownNetwork traffic detected: HTTP traffic on port 49771 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49822
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49788
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49787
      Source: unknownNetwork traffic detected: HTTP traffic on port 50061 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49786
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49785
      Source: unknownNetwork traffic detected: HTTP traffic on port 49922 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49784
      Source: unknownNetwork traffic detected: HTTP traffic on port 49945 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49783
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49782
      Source: unknownNetwork traffic detected: HTTP traffic on port 50017 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49781
      Source: unknownNetwork traffic detected: HTTP traffic on port 49968 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49785 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50049 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50026 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49807 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49779
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49778
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49777
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49898
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49776
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49897
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49896
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49774
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49773
      Source: unknownNetwork traffic detected: HTTP traffic on port 49862 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49894
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49772
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49893
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49771
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49892
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49770
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49891
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49890
      Source: unknownNetwork traffic detected: HTTP traffic on port 49724 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50095 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49897 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49911 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49957 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49851 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49830 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49991 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50084 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49768
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49889
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49767
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49766
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49765
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49764
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49763
      Source: unknownNetwork traffic detected: HTTP traffic on port 49863 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50038 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49762
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49761
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49881
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49880
      Source: unknownNetwork traffic detected: HTTP traffic on port 49725 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49896 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49770 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50050 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50110 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49956 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50005 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49979 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50083 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49879
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49757
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49878
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49999
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49877
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49998
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49997
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49875
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49754
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49996
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49753
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49874
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49995
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49752
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49873
      Source: unknownNetwork traffic detected: HTTP traffic on port 49923 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49994
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49751
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49872
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49993
      Source: unknownNetwork traffic detected: HTTP traffic on port 50016 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49750
      Source: unknownNetwork traffic detected: HTTP traffic on port 49818 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49871
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49992
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49870
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49991
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49990
      Source: unknownNetwork traffic detected: HTTP traffic on port 49786 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49874 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49747 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50109 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49829 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50072 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49934 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50027 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49748
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49869
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49747
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49989
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49746
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49867
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49988
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49745
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49866
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49987
      Source: unknownNetwork traffic detected: HTTP traffic on port 50036 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50116 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50059 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50094 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49746 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49803 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50071 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49826 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49849 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49900 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50106
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50105
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50108
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50107
      Source: unknownNetwork traffic detected: HTTP traffic on port 49837 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49975 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50060 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50109
      Source: unknownNetwork traffic detected: HTTP traffic on port 49929 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50100
      Source: unknownNetwork traffic detected: HTTP traffic on port 49872 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50102
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50101
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50104
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50103
      Source: unknownNetwork traffic detected: HTTP traffic on port 50025 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49964 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49798 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49999 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50117
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50116
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50119
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50118
      Source: unknownNetwork traffic detected: HTTP traffic on port 49918 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49873 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50111
      Source: unknownNetwork traffic detected: HTTP traffic on port 49787 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49930 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50110
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50113
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50112
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50115
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50114
      Source: unknownNetwork traffic detected: HTTP traffic on port 49745 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50001 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49986 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49850 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49963 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49757 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50007
      Source: unknownNetwork traffic detected: HTTP traffic on port 50037 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49798
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50006
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50009
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50008
      Source: unknownNetwork traffic detected: HTTP traffic on port 49952 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49793
      Source: unknownNetwork traffic detected: HTTP traffic on port 49814 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49792
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49791
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49790
      Source: unknownNetwork traffic detected: HTTP traffic on port 50093 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50001
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50000
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50003
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50002
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50005
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50004
      Source: unknownNetwork traffic detected: HTTP traffic on port 49768 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49723 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50048 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49825 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50082 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50105 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49789
      Source: unknownNetwork traffic detected: HTTP traffic on port 49997 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49710 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49779 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49871 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49894 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50106 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50003 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49965 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49977 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50081 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49816 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50117 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50035 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49919 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49954 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50014 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50070 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49788 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49988 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49767 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49721 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50046 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49848 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49838 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49976 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50118 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49953 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49815 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50092 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49722 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50047 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50024 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49778 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49998 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49673 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49931 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50058 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49804 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49744 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50002 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49987 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49920 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50069 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49926 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50054
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50053
      Source: unknownNetwork traffic detected: HTTP traffic on port 49789 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50056
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50055
      Source: unknownNetwork traffic detected: HTTP traffic on port 49766 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50058
      Source: unknownNetwork traffic detected: HTTP traffic on port 49743 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50057
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50059
      Source: unknownNetwork traffic detected: HTTP traffic on port 49961 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49984 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50022 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50061
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50060
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50063
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50062
      Source: unknownNetwork traffic detected: HTTP traffic on port 50068 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50102 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50045 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49881 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49675 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49950 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49996 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50010 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50065
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50064
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50067
      Source: unknownNetwork traffic detected: HTTP traffic on port 50091 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50113 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50056 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50066
      Source: unknownNetwork traffic detected: HTTP traffic on port 49893 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50069
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50068
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50070
      Source: unknownNetwork traffic detected: HTTP traffic on port 49915 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50072
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50071
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50074
      Source: unknownNetwork traffic detected: HTTP traffic on port 49823 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50073
      Source: unknownNetwork traffic detected: HTTP traffic on port 49777 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50080 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49790 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49869 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49674 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50009 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50034 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49972 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50076
      Source: unknownNetwork traffic detected: HTTP traffic on port 49834 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50075
      Source: unknownNetwork traffic detected: HTTP traffic on port 50057 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50078
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50077
      Source: unknownNetwork traffic detected: HTTP traffic on port 50114 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49892 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50079
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50081
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50080
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50083
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50082
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50085
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50084
      Source: unknownNetwork traffic detected: HTTP traffic on port 49904 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49927 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49822 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50087
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50086
      Source: unknownNetwork traffic detected: HTTP traffic on port 49870 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50089
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50088
      Source: unknownNetwork traffic detected: HTTP traffic on port 49765 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50079 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50090
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50092
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50091
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50094
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50093
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50096
      Source: unknownNetwork traffic detected: HTTP traffic on port 49938 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50023 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50095
      Source: unknownNetwork traffic detected: HTTP traffic on port 49811 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49754 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50018
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50017
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50019
      Source: unknownNetwork traffic detected: HTTP traffic on port 49951 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49974 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50032 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50010
      Source: unknownNetwork traffic detected: HTTP traffic on port 49836 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49916 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50011
      Source: unknownNetwork traffic detected: HTTP traffic on port 50055 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50014
      Source: unknownNetwork traffic detected: HTTP traffic on port 50090 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50016
      Source: unknownNetwork traffic detected: HTTP traffic on port 50078 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50015
      Source: unknownNetwork traffic detected: HTTP traffic on port 49776 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49845 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49791 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49753 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50029
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50028
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50021
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50020
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50023
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50022
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50025
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50024
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50027
      Source: unknownNetwork traffic detected: HTTP traffic on port 49879 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50026
      Source: unknownNetwork traffic detected: HTTP traffic on port 49985 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50000 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49802 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50021 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50030
      Source: unknownNetwork traffic detected: HTTP traffic on port 50067 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50103 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49718 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50039
      Source: unknownNetwork traffic detected: HTTP traffic on port 49995 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50011 -> 443
      Source: unknownHTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.5:49706 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 13.107.246.63:443 -> 192.168.2.5:49710 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 23.218.208.109:443 -> 192.168.2.5:49748 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 23.218.208.109:443 -> 192.168.2.5:49757 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 20.190.147.11:443 -> 192.168.2.5:49805 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.5:49841 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 20.190.147.11:443 -> 192.168.2.5:49867 version: TLS 1.2
      Source: C:\Windows\System32\dxdiag.exeWindows user hook set: 0 mouse low level C:\Windows\system32\dinput8.dllJump to behavior
      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00007FF7A0C289E00_2_00007FF7A0C289E0
      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00007FF7A0C469640_2_00007FF7A0C46964
      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00007FF7A0C45C000_2_00007FF7A0C45C00
      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00007FF7A0C210000_2_00007FF7A0C21000
      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00007FF7A0C408C80_2_00007FF7A0C408C8
      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00007FF7A0C339A40_2_00007FF7A0C339A4
      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00007FF7A0C321640_2_00007FF7A0C32164
      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00007FF7A0C319440_2_00007FF7A0C31944
      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00007FF7A0C2A2DB0_2_00007FF7A0C2A2DB
      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00007FF7A0C3DA5C0_2_00007FF7A0C3DA5C
      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00007FF7A0C43C100_2_00007FF7A0C43C10
      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00007FF7A0C32C100_2_00007FF7A0C32C10
      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00007FF7A0C31B500_2_00007FF7A0C31B50
      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00007FF7A0C2ACAD0_2_00007FF7A0C2ACAD
      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00007FF7A0C2A4740_2_00007FF7A0C2A474
      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00007FF7A0C464180_2_00007FF7A0C46418
      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00007FF7A0C408C80_2_00007FF7A0C408C8
      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00007FF7A0C335A00_2_00007FF7A0C335A0
      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00007FF7A0C3E5700_2_00007FF7A0C3E570
      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00007FF7A0C35D300_2_00007FF7A0C35D30
      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00007FF7A0C31D540_2_00007FF7A0C31D54
      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00007FF7A0C3DEF00_2_00007FF7A0C3DEF0
      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00007FF7A0C39EA00_2_00007FF7A0C39EA0
      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00007FF7A0C45E7C0_2_00007FF7A0C45E7C
      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00007FF7A0C298000_2_00007FF7A0C29800
      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00007FF7A0C31F600_2_00007FF7A0C31F60
      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00007FF7A0C387940_2_00007FF7A0C38794
      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00007FF7A0C497280_2_00007FF7A0C49728
      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00007FF7A0C317400_2_00007FF7A0C31740
      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00007FF7A0C380E40_2_00007FF7A0C380E4
      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00007FF7A0C440AC0_2_00007FF7A0C440AC
      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00007FF7A0C418740_2_00007FF7A0C41874
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF7A0C469642_2_00007FF7A0C46964
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF7A0C210002_2_00007FF7A0C21000
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF7A0C289E02_2_00007FF7A0C289E0
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF7A0C339A42_2_00007FF7A0C339A4
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF7A0C321642_2_00007FF7A0C32164
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF7A0C319442_2_00007FF7A0C31944
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF7A0C2A2DB2_2_00007FF7A0C2A2DB
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF7A0C3DA5C2_2_00007FF7A0C3DA5C
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF7A0C43C102_2_00007FF7A0C43C10
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF7A0C32C102_2_00007FF7A0C32C10
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF7A0C45C002_2_00007FF7A0C45C00
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF7A0C31B502_2_00007FF7A0C31B50
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF7A0C2ACAD2_2_00007FF7A0C2ACAD
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF7A0C2A4742_2_00007FF7A0C2A474
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF7A0C464182_2_00007FF7A0C46418
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF7A0C408C82_2_00007FF7A0C408C8
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF7A0C335A02_2_00007FF7A0C335A0
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF7A0C3E5702_2_00007FF7A0C3E570
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF7A0C35D302_2_00007FF7A0C35D30
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF7A0C31D542_2_00007FF7A0C31D54
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF7A0C3DEF02_2_00007FF7A0C3DEF0
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF7A0C39EA02_2_00007FF7A0C39EA0
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF7A0C45E7C2_2_00007FF7A0C45E7C
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF7A0C298002_2_00007FF7A0C29800
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF7A0C31F602_2_00007FF7A0C31F60
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF7A0C387942_2_00007FF7A0C38794
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF7A0C497282_2_00007FF7A0C49728
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF7A0C317402_2_00007FF7A0C31740
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF7A0C380E42_2_00007FF7A0C380E4
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF7A0C440AC2_2_00007FF7A0C440AC
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF7A0C408C82_2_00007FF7A0C408C8
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF7A0C418742_2_00007FF7A0C41874
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF8A7FF19502_2_00007FF8A7FF1950
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF8A7FF22702_2_00007FF8A7FF2270
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF8A7FF13002_2_00007FF8A7FF1300
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF8A8E44C702_2_00007FF8A8E44C70
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF8A8DD92B02_2_00007FF8A8DD92B0
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF8A8DE22502_2_00007FF8A8DE2250
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF8A8DE99A02_2_00007FF8A8DE99A0
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF8A8E229502_2_00007FF8A8E22950
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF8A8DD69302_2_00007FF8A8DD6930
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF8A8DCFA102_2_00007FF8A8DCFA10
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF8A8E72BF02_2_00007FF8A8E72BF0
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF8A8DC9B902_2_00007FF8A8DC9B90
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF8A8E16B402_2_00007FF8A8E16B40
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF8A8E24B202_2_00007FF8A8E24B20
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF8A8E2BB002_2_00007FF8A8E2BB00
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF8A8E10CE02_2_00007FF8A8E10CE0
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF8A8E1BCC02_2_00007FF8A8E1BCC0
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF8A8E4ACA02_2_00007FF8A8E4ACA0
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF8A8E58C802_2_00007FF8A8E58C80
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF8A8DFCC592_2_00007FF8A8DFCC59
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF8A8DDCC402_2_00007FF8A8DDCC40
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF8A8E1CC402_2_00007FF8A8E1CC40
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF8A8DC3C102_2_00007FF8A8DC3C10
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF8A8DD0DC02_2_00007FF8A8DD0DC0
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF8A8DEDDB02_2_00007FF8A8DEDDB0
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF8A8DCBD302_2_00007FF8A8DCBD30
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF8A8DD9D002_2_00007FF8A8DD9D00
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF8A8E5CEA02_2_00007FF8A8E5CEA0
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF8A8E04E702_2_00007FF8A8E04E70
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF8A8E4BFC02_2_00007FF8A8E4BFC0
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF8A8E74FC02_2_00007FF8A8E74FC0
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF8A8E3CF302_2_00007FF8A8E3CF30
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF8A8DE70402_2_00007FF8A8DE7040
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF8A8DE80202_2_00007FF8A8DE8020
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF8A8DD21E02_2_00007FF8A8DD21E0
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF8A8DC41202_2_00007FF8A8DC4120
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF8A8DEF2F02_2_00007FF8A8DEF2F0
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF8A8DC32F52_2_00007FF8A8DC32F5
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF8A8E0F2D02_2_00007FF8A8E0F2D0
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF8A8E842B02_2_00007FF8A8E842B0
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF8A8DDD2B02_2_00007FF8A8DDD2B0
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF8A8E343B02_2_00007FF8A8E343B0
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF8A8DDC3802_2_00007FF8A8DDC380
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF8A8E273502_2_00007FF8A8E27350
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF8A8DC73362_2_00007FF8A8DC7336
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF8A8DED3102_2_00007FF8A8DED310
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF8A8E4A3002_2_00007FF8A8E4A300
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF8A8DC94D02_2_00007FF8A8DC94D0
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF8A8E654A02_2_00007FF8A8E654A0
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF8A8DEE5C02_2_00007FF8A8DEE5C0
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF8A8DE45A02_2_00007FF8A8DE45A0
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF8A8DF15A02_2_00007FF8A8DF15A0
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF8A8E1B5B02_2_00007FF8A8E1B5B0
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF8A8DC45702_2_00007FF8A8DC4570
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF8A8E0A5102_2_00007FF8A8E0A510
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF8A8E206C02_2_00007FF8A8E206C0
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF8A8E1E6702_2_00007FF8A8E1E670
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF8A8DD36502_2_00007FF8A8DD3650
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF8A8E327E62_2_00007FF8A8E327E6
      Source: C:\Users\user\Desktop\file.exeCode function: String function: 00007FF7A0C22710 appears 104 times
      Source: C:\Users\user\Desktop\file.exeCode function: String function: 00007FF8A8DCA500 appears 149 times
      Source: C:\Users\user\Desktop\file.exeCode function: String function: 00007FF8A8DC9340 appears 130 times
      Source: C:\Users\user\Desktop\file.exeCode function: String function: 00007FF7A0C22910 appears 34 times
      Source: _overlapped.pyd.0.drStatic PE information: Resource name: RT_VERSION type: COM executable for DOS
      Source: unicodedata.pyd.0.drStatic PE information: Resource name: RT_VERSION type: COM executable for DOS
      Source: file.exe, 00000000.00000003.2066153282.000001B657028000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamesqlite3.dll0 vs file.exe
      Source: file.exe, 00000000.00000003.2049216445.000001B657026000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamevcruntime140.dllT vs file.exe
      Source: file.exe, 00000000.00000003.2049853083.000001B657026000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilename_ctypes.pyd. vs file.exe
      Source: file.exe, 00000000.00000003.2055070088.000001B657026000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamelibsslH vs file.exe
      Source: file.exe, 00000000.00000003.2049994867.000001B657026000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilename_decimal.pyd. vs file.exe
      Source: file.exe, 00000000.00000003.2050810113.000001B657026000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilename_queue.pyd. vs file.exe
      Source: file.exe, 00000000.00000003.2060272161.000001B657026000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamepywintypes313.dll0 vs file.exe
      Source: file.exe, 00000000.00000003.2069604216.000001B657028000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamewin32crypt.pyd0 vs file.exe
      Source: file.exe, 00000000.00000003.2068182140.000001B657028000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameunicodedata.pyd. vs file.exe
      Source: file.exe, 00000000.00000003.2050892723.000001B657026000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilename_socket.pyd. vs file.exe
      Source: file.exe, 00000000.00000003.2051186811.000001B657026000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilename_ssl.pyd. vs file.exe
      Source: file.exe, 00000000.00000003.2051023726.000001B657026000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilename_sqlite3.pyd. vs file.exe
      Source: file.exe, 00000000.00000003.2049466267.000001B657026000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilename_asyncio.pyd. vs file.exe
      Source: file.exe, 00000000.00000003.2050145976.000001B657026000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilename_hashlib.pyd. vs file.exe
      Source: file.exe, 00000000.00000003.2055386127.000001B657026000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamepyexpat.pyd. vs file.exe
      Source: file.exe, 00000000.00000003.2050713108.000001B657026000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilename_overlapped.pyd. vs file.exe
      Source: file.exe, 00000000.00000003.2060453259.000001B657026000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameselect.pyd. vs file.exe
      Source: file.exe, 00000000.00000003.2050624895.000001B657026000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilename_multiprocessing.pyd. vs file.exe
      Source: file.exe, 00000000.00000003.2050255451.000001B657026000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilename_lzma.pyd. vs file.exe
      Source: file.exe, 00000000.00000003.2049580462.000001B657026000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilename_bz2.pyd. vs file.exe
      Source: file.exe, 00000000.00000003.2049368690.000001B657026000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamevcruntime140_1.dllT vs file.exe
      Source: file.exe, 00000000.00000003.2051328230.000001B657026000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilename_wmi.pyd. vs file.exe
      Source: file.exeBinary or memory string: OriginalFilename vs file.exe
      Source: file.exe, 00000002.00000002.3012386348.00007FF8A809C000.00000002.00000001.01000000.00000018.sdmpBinary or memory string: OriginalFilenameunicodedata.pyd. vs file.exe
      Source: file.exe, 00000002.00000002.3032520323.00007FF8B8F8E000.00000002.00000001.01000000.00000006.sdmpBinary or memory string: OriginalFilename_ctypes.pyd. vs file.exe
      Source: file.exe, 00000002.00000002.3034114511.00007FF8BA4F8000.00000002.00000001.01000000.0000000A.sdmpBinary or memory string: OriginalFilename_wmi.pyd. vs file.exe
      Source: file.exe, 00000002.00000002.3028934019.00007FF8B7DFC000.00000002.00000001.01000000.00000014.sdmpBinary or memory string: OriginalFilename_sqlite3.pyd. vs file.exe
      Source: file.exe, 00000002.00000002.3033723710.00007FF8B9F7A000.00000002.00000001.01000000.00000005.sdmpBinary or memory string: OriginalFilenamevcruntime140.dllT vs file.exe
      Source: file.exe, 00000002.00000002.3032877628.00007FF8B93D2000.00000002.00000001.01000000.00000008.sdmpBinary or memory string: OriginalFilename_bz2.pyd. vs file.exe
      Source: file.exe, 00000002.00000002.3030725341.00007FF8B8AF6000.00000002.00000001.01000000.00000011.sdmpBinary or memory string: OriginalFilenameselect.pyd. vs file.exe
      Source: file.exe, 00000002.00000002.3019627658.00007FF8A8F28000.00000002.00000001.01000000.00000015.sdmpBinary or memory string: OriginalFilenamesqlite3.dll0 vs file.exe
      Source: file.exe, 00000002.00000002.3029398445.00007FF8B7E2A000.00000002.00000001.01000000.00000012.sdmpBinary or memory string: OriginalFilename_ssl.pyd. vs file.exe
      Source: file.exe, 00000002.00000002.3032161542.00007FF8B8CB6000.00000002.00000001.01000000.0000000D.sdmpBinary or memory string: OriginalFilename_queue.pyd. vs file.exe
      Source: file.exe, 00000002.00000002.3014886138.00007FF8A8594000.00000002.00000001.01000000.0000000F.sdmpBinary or memory string: OriginalFilenamelibcryptoH vs file.exe
      Source: file.exe, 00000002.00000002.3031481703.00007FF8B8B43000.00000002.00000001.01000000.00000009.sdmpBinary or memory string: OriginalFilename_lzma.pyd. vs file.exe
      Source: file.exe, 00000002.00000002.3019170224.00007FF8A8BF0000.00000002.00000001.01000000.00000004.sdmpBinary or memory string: OriginalFilenamepython313.dll. vs file.exe
      Source: file.exe, 00000002.00000002.3022430067.00007FF8B27CF000.00000002.00000001.01000000.0000002B.sdmpBinary or memory string: OriginalFilenamewin32crypt.pyd0 vs file.exe
      Source: file.exe, 00000002.00000002.3022078909.00007FF8B0562000.00000002.00000001.01000000.0000002C.sdmpBinary or memory string: OriginalFilenamepywintypes313.dll0 vs file.exe
      Source: file.exe, 00000002.00000002.3031812742.00007FF8B8C1D000.00000002.00000001.01000000.0000000E.sdmpBinary or memory string: OriginalFilename_hashlib.pyd. vs file.exe
      Source: file.exe, 00000002.00000002.3029749464.00007FF8B7E5E000.00000002.00000001.01000000.0000000C.sdmpBinary or memory string: OriginalFilenamepyexpat.pyd. vs file.exe
      Source: file.exe, 00000002.00000002.3020798388.00007FF8A9390000.00000002.00000001.01000000.00000013.sdmpBinary or memory string: OriginalFilenamelibsslH vs file.exe
      Source: file.exe, 00000002.00000002.3033242874.00007FF8B9849000.00000002.00000001.01000000.0000000B.sdmpBinary or memory string: OriginalFilenamevcruntime140_1.dllT vs file.exe
      Source: file.exe, 00000002.00000002.3031068677.00007FF8B8B13000.00000002.00000001.01000000.00000010.sdmpBinary or memory string: OriginalFilename_socket.pyd. vs file.exe
      Source: unknownDriver loaded: C:\Windows\System32\drivers\mstee.sys
      Source: classification engineClassification label: mal100.troj.spyw.evad.winEXE@179/393@26/25
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\BunnyJump to behavior
      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:3812:120:WilError_03
      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:8580:120:WilError_03
      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:8008:120:WilError_03
      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6776:120:WilError_03
      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7808:120:WilError_03
      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:2672:120:WilError_03
      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7788:120:WilError_03
      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6504:120:WilError_03
      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7864:120:WilError_03
      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7360:120:WilError_03
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI68482Jump to behavior
      Source: file.exeStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
      Source: C:\Windows\System32\dxdiag.exeWMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_Processor
      Source: C:\Windows\System32\dxdiag.exeWMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_Processor
      Source: C:\Windows\System32\taskkill.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process WHERE ( Caption = &quot;chrome.exe&quot;)
      Source: C:\Windows\System32\taskkill.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process WHERE ( Caption = &quot;chrome.exe&quot;)
      Source: C:\Windows\System32\taskkill.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process WHERE ( Caption = &quot;chrome.exe&quot;)
      Source: C:\Windows\System32\taskkill.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process WHERE ( Caption = &quot;msedge.exe&quot;)
      Source: C:\Windows\System32\taskkill.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process WHERE ( Caption = &quot;msedge.exe&quot;)
      Source: C:\Windows\System32\taskkill.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process WHERE ( Caption = &quot;msedge.exe&quot;)
      Source: C:\Windows\System32\taskkill.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process WHERE ( Caption = &quot;msedge.exe&quot;)
      Source: C:\Windows\System32\taskkill.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process WHERE ( Caption = &quot;msedge.exe&quot;)
      Source: C:\Windows\System32\taskkill.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process WHERE ( Caption = &quot;msedge.exe&quot;)
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process WHERE ( Caption = &quot;chrome.exe&quot;)
      Source: C:\Windows\System32\dxdiag.exeFile read: C:\Windows\win.iniJump to behavior
      Source: C:\Users\user\Desktop\file.exeKey opened: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
      Source: file.exe, 00000002.00000002.3019473856.00007FF8A8EF4000.00000002.00000001.01000000.00000015.sdmpBinary or memory string: UPDATE %Q.sqlite_master SET tbl_name = %Q, name = CASE WHEN type='table' THEN %Q WHEN name LIKE 'sqliteX_autoindex%%' ESCAPE 'X' AND type='index' THEN 'sqlite_autoindex_' || %Q || substr(name,%d+18) ELSE name END WHERE tbl_name=%Q COLLATE nocase AND (type='table' OR type='index' OR type='trigger');
      Source: file.exe, 00000002.00000002.3005777212.00000280794C0000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: SELECT item1, item2 FROM metadata;
      Source: file.exe, 00000002.00000002.3019473856.00007FF8A8EF4000.00000002.00000001.01000000.00000015.sdmpBinary or memory string: CREATE TABLE %Q.'%q_docsize'(docid INTEGER PRIMARY KEY, size BLOB);
      Source: file.exe, 00000002.00000002.3019473856.00007FF8A8EF4000.00000002.00000001.01000000.00000015.sdmpBinary or memory string: CREATE TABLE IF NOT EXISTS %Q.'%q_stat'(id INTEGER PRIMARY KEY, value BLOB);
      Source: file.exe, 00000002.00000002.3019473856.00007FF8A8EF4000.00000002.00000001.01000000.00000015.sdmpBinary or memory string: CREATE TABLE %Q.'%q_segdir'(level INTEGER,idx INTEGER,start_block INTEGER,leaves_end_block INTEGER,end_block INTEGER,root BLOB,PRIMARY KEY(level, idx));
      Source: file.exe, file.exe, 00000002.00000002.3019473856.00007FF8A8EF4000.00000002.00000001.01000000.00000015.sdmpBinary or memory string: INSERT INTO %Q.sqlite_master VALUES('index',%Q,%Q,#%d,%Q);
      Source: file.exe, 00000002.00000002.3019473856.00007FF8A8EF4000.00000002.00000001.01000000.00000015.sdmpBinary or memory string: CREATE TABLE %Q.'%q_segments'(blockid INTEGER PRIMARY KEY, block BLOB);
      Source: file.exe, 00000002.00000002.3005777212.00000280794C0000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: SELECT a11, a102 FROM nssPrivate WHERE a102 = ?;
      Source: file.exe, 00000002.00000003.2624228987.0000028079970000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2624228987.0000028079951000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: CREATE TABLE password_notes (id INTEGER PRIMARY KEY AUTOINCREMENT, parent_id INTEGER NOT NULL REFERENCES logins ON UPDATE CASCADE ON DELETE CASCADE DEFERRABLE INITIALLY DEFERRED, key VARCHAR NOT NULL, value BLOB, date_created INTEGER NOT NULL, confidential INTEGER, UNIQUE (parent_id, key));
      Source: file.exe, 00000002.00000002.3019473856.00007FF8A8EF4000.00000002.00000001.01000000.00000015.sdmpBinary or memory string: CREATE TABLE "%w"."%w_parent"(nodeno INTEGER PRIMARY KEY,parentnode);
      Source: C:\Users\user\Desktop\file.exeFile read: C:\Users\user\Desktop\file.exeJump to behavior
      Source: unknownProcess created: C:\Users\user\Desktop\file.exe "C:\Users\user\Desktop\file.exe"
      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Users\user\Desktop\file.exe "C:\Users\user\Desktop\file.exe"
      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c "dxdiag /t C:\Users\user\AppData\Local\Bunny\Info.txt"
      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\dxdiag.exe dxdiag /t C:\Users\user\AppData\Local\Bunny\Info.txt
      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Windows\System32\taskkill.exe taskkill /F /IM chrome.exe
      Source: C:\Windows\System32\taskkill.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9876 --profile-directory=Default --remote-allow-origins=* --window-position=10000,10000 --window-size=1,1 --disable-gpu --no-sandbox
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-sandbox --mojo-platform-channel-handle=1988 --field-trial-handle=2004,i,16873657089946729221,16671226783605916720,262144 /prefetch:8
      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Windows\System32\taskkill.exe taskkill /F /IM chrome.exe
      Source: C:\Windows\System32\taskkill.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9876 --profile-directory=Default --remote-allow-origins=* --window-position=10000,10000 --window-size=1,1 --disable-gpu --no-sandbox
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-sandbox --mojo-platform-channel-handle=2016 --field-trial-handle=1996,i,2032109330353751590,13028974580121269176,262144 /prefetch:8
      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Windows\System32\taskkill.exe taskkill /F /IM chrome.exe
      Source: C:\Windows\System32\taskkill.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9876 --profile-directory=Default --remote-allow-origins=* --window-position=10000,10000 --window-size=1,1 --disable-gpu --no-sandbox
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-sandbox --mojo-platform-channel-handle=1872 --field-trial-handle=1980,i,7019123131012893565,15323579879947470228,262144 /prefetch:8
      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Windows\System32\taskkill.exe taskkill /F /IM msedge.exe
      Source: C:\Windows\System32\taskkill.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9876 --profile-directory=Default --remote-allow-origins=* --window-position=10000,10000 --window-size=1,1 --disable-gpu --no-sandbox
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --no-sandbox --mojo-platform-channel-handle=2104 --field-trial-handle=2072,i,14760293394605899277,10581962885320868667,262144 /prefetch:3
      Source: unknownProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9876 --profile-directory=Default --remote-allow-origins=* --window-position=10000,10000 --window-size=1,1 --disable-gpu --no-sandbox --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --no-sandbox --mojo-platform-channel-handle=2016 --field-trial-handle=1972,i,726754713040708390,11510396830708599302,262144 /prefetch:3
      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Windows\System32\taskkill.exe taskkill /F /IM msedge.exe
      Source: C:\Windows\System32\taskkill.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9876 --profile-directory=Default --remote-allow-origins=* --window-position=10000,10000 --window-size=1,1 --disable-gpu --no-sandbox
      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Windows\System32\taskkill.exe taskkill /F /IM msedge.exe
      Source: C:\Windows\System32\taskkill.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9876 --profile-directory=Default --remote-allow-origins=* --window-position=10000,10000 --window-size=1,1 --disable-gpu --no-sandbox
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --no-sandbox --mojo-platform-channel-handle=2108 --field-trial-handle=2064,i,17575325319365732122,6172249017616596838,262144 /prefetch:3
      Source: unknownProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9876 --profile-directory=Default --remote-allow-origins=* --window-position=10000,10000 --window-size=1,1 --disable-gpu --no-sandbox --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --no-sandbox --mojo-platform-channel-handle=2080 --field-trial-handle=2020,i,11210025246069236568,6039799949721482261,262144 /prefetch:3
      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Windows\System32\taskkill.exe taskkill /F /IM msedge.exe
      Source: C:\Windows\System32\taskkill.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9876 --profile-directory=Default --remote-allow-origins=* --window-position=10000,10000 --window-size=1,1 --disable-gpu --no-sandbox
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --no-sandbox --mojo-platform-channel-handle=2112 --field-trial-handle=2060,i,1519810673855940657,8127465609125034474,262144 /prefetch:3
      Source: unknownProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9876 --profile-directory=Default --remote-allow-origins=* --window-position=10000,10000 --window-size=1,1 --disable-gpu --no-sandbox --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --no-sandbox --mojo-platform-channel-handle=2080 --field-trial-handle=2064,i,12556399923150263826,2501368566727980130,262144 /prefetch:3
      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Windows\System32\taskkill.exe taskkill /F /IM msedge.exe
      Source: C:\Windows\System32\taskkill.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9876 --profile-directory=Default --remote-allow-origins=* --window-position=10000,10000 --window-size=1,1 --disable-gpu --no-sandbox
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --no-sandbox --mojo-platform-channel-handle=2112 --field-trial-handle=2000,i,4569417142642358918,1547684186526237323,262144 /prefetch:3
      Source: unknownProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9876 --profile-directory=Default --remote-allow-origins=* --window-position=10000,10000 --window-size=1,1 --disable-gpu --no-sandbox --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --no-sandbox --mojo-platform-channel-handle=2072 --field-trial-handle=2036,i,1611766081639755236,2586004836248563306,262144 /prefetch:3
      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Windows\System32\taskkill.exe taskkill /F /IM msedge.exe
      Source: C:\Windows\System32\taskkill.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9876 --profile-directory=Default --remote-allow-origins=* --window-position=10000,10000 --window-size=1,1 --disable-gpu --no-sandbox
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --no-sandbox --mojo-platform-channel-handle=2092 --field-trial-handle=1920,i,13001128338599722861,135731140457965479,262144 /prefetch:3
      Source: unknownProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9876 --profile-directory=Default --remote-allow-origins=* --window-position=10000,10000 --window-size=1,1 --disable-gpu --no-sandbox --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --no-sandbox --mojo-platform-channel-handle=2044 --field-trial-handle=2036,i,1507621865173041619,9867979607064769478,262144 /prefetch:3
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --no-sandbox --mojo-platform-channel-handle=5132 --field-trial-handle=2036,i,1507621865173041619,9867979607064769478,262144 /prefetch:8
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --no-sandbox --onnx-enabled-for-ee --mojo-platform-channel-handle=5192 --field-trial-handle=2036,i,1507621865173041619,9867979607064769478,262144 /prefetch:8
      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Users\user\Desktop\file.exe "C:\Users\user\Desktop\file.exe"Jump to behavior
      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c "dxdiag /t C:\Users\user\AppData\Local\Bunny\Info.txt"Jump to behavior
      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Windows\System32\taskkill.exe taskkill /F /IM chrome.exeJump to behavior
      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9876 --profile-directory=Default --remote-allow-origins=* --window-position=10000,10000 --window-size=1,1 --disable-gpu --no-sandboxJump to behavior
      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Windows\System32\taskkill.exe taskkill /F /IM chrome.exeJump to behavior
      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9876 --profile-directory=Default --remote-allow-origins=* --window-position=10000,10000 --window-size=1,1 --disable-gpu --no-sandboxJump to behavior
      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Windows\System32\taskkill.exe taskkill /F /IM chrome.exeJump to behavior
      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9876 --profile-directory=Default --remote-allow-origins=* --window-position=10000,10000 --window-size=1,1 --disable-gpu --no-sandboxJump to behavior
      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Windows\System32\taskkill.exe taskkill /F /IM msedge.exeJump to behavior
      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9876 --profile-directory=Default --remote-allow-origins=* --window-position=10000,10000 --window-size=1,1 --disable-gpu --no-sandboxJump to behavior
      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Windows\System32\taskkill.exe taskkill /F /IM msedge.exeJump to behavior
      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9876 --profile-directory=Default --remote-allow-origins=* --window-position=10000,10000 --window-size=1,1 --disable-gpu --no-sandboxJump to behavior
      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Windows\System32\taskkill.exe taskkill /F /IM msedge.exeJump to behavior
      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9876 --profile-directory=Default --remote-allow-origins=* --window-position=10000,10000 --window-size=1,1 --disable-gpu --no-sandboxJump to behavior
      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Windows\System32\taskkill.exe taskkill /F /IM msedge.exeJump to behavior
      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9876 --profile-directory=Default --remote-allow-origins=* --window-position=10000,10000 --window-size=1,1 --disable-gpu --no-sandboxJump to behavior
      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Windows\System32\taskkill.exe taskkill /F /IM msedge.exeJump to behavior
      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9876 --profile-directory=Default --remote-allow-origins=* --window-position=10000,10000 --window-size=1,1 --disable-gpu --no-sandboxJump to behavior
      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Windows\System32\taskkill.exe taskkill /F /IM msedge.exeJump to behavior
      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Windows\System32\taskkill.exe taskkill /F /IM chrome.exeJump to behavior
      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\dxdiag.exe dxdiag /t C:\Users\user\AppData\Local\Bunny\Info.txtJump to behavior
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-sandbox --mojo-platform-channel-handle=1988 --field-trial-handle=2004,i,16873657089946729221,16671226783605916720,262144 /prefetch:8
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-sandbox --mojo-platform-channel-handle=2016 --field-trial-handle=1996,i,2032109330353751590,13028974580121269176,262144 /prefetch:8
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-sandbox --mojo-platform-channel-handle=1872 --field-trial-handle=1980,i,7019123131012893565,15323579879947470228,262144 /prefetch:8
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --no-sandbox --mojo-platform-channel-handle=2104 --field-trial-handle=2072,i,14760293394605899277,10581962885320868667,262144 /prefetch:3
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --no-sandbox --mojo-platform-channel-handle=2016 --field-trial-handle=1972,i,726754713040708390,11510396830708599302,262144 /prefetch:3
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Windows\System32\taskkill.exe taskkill /F /IM msedge.exe
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --no-sandbox --mojo-platform-channel-handle=2108 --field-trial-handle=2064,i,17575325319365732122,6172249017616596838,262144 /prefetch:3
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --no-sandbox --mojo-platform-channel-handle=2080 --field-trial-handle=2020,i,11210025246069236568,6039799949721482261,262144 /prefetch:3
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --no-sandbox --mojo-platform-channel-handle=2112 --field-trial-handle=2060,i,1519810673855940657,8127465609125034474,262144 /prefetch:3
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --no-sandbox --mojo-platform-channel-handle=2080 --field-trial-handle=2064,i,12556399923150263826,2501368566727980130,262144 /prefetch:3
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --no-sandbox --mojo-platform-channel-handle=2112 --field-trial-handle=2000,i,4569417142642358918,1547684186526237323,262144 /prefetch:3
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --no-sandbox --mojo-platform-channel-handle=2072 --field-trial-handle=2036,i,1611766081639755236,2586004836248563306,262144 /prefetch:3
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --no-sandbox --mojo-platform-channel-handle=2092 --field-trial-handle=1920,i,13001128338599722861,135731140457965479,262144 /prefetch:3
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --no-sandbox --mojo-platform-channel-handle=2044 --field-trial-handle=2036,i,1507621865173041619,9867979607064769478,262144 /prefetch:3
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --no-sandbox --mojo-platform-channel-handle=5132 --field-trial-handle=2036,i,1507621865173041619,9867979607064769478,262144 /prefetch:8
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --no-sandbox --onnx-enabled-for-ee --mojo-platform-channel-handle=5192 --field-trial-handle=2036,i,1507621865173041619,9867979607064769478,262144 /prefetch:8
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
      Source: C:\Users\user\Desktop\file.exeSection loaded: uxtheme.dllJump to behavior
      Source: C:\Users\user\Desktop\file.exeSection loaded: kernel.appcore.dllJump to behavior
      Source: C:\Users\user\Desktop\file.exeSection loaded: version.dllJump to behavior
      Source: C:\Users\user\Desktop\file.exeSection loaded: vcruntime140.dllJump to behavior
      Source: C:\Users\user\Desktop\file.exeSection loaded: python3.dllJump to behavior
      Source: C:\Users\user\Desktop\file.exeSection loaded: libffi-8.dllJump to behavior
      Source: C:\Users\user\Desktop\file.exeSection loaded: propsys.dllJump to behavior
      Source: C:\Users\user\Desktop\file.exeSection loaded: vcruntime140_1.dllJump to behavior
      Source: C:\Users\user\Desktop\file.exeSection loaded: libcrypto-3.dllJump to behavior
      Source: C:\Users\user\Desktop\file.exeSection loaded: iphlpapi.dllJump to behavior
      Source: C:\Users\user\Desktop\file.exeSection loaded: libssl-3.dllJump to behavior
      Source: C:\Users\user\Desktop\file.exeSection loaded: sqlite3.dllJump to behavior
      Source: C:\Users\user\Desktop\file.exeSection loaded: mswsock.dllJump to behavior
      Source: C:\Users\user\Desktop\file.exeSection loaded: pywintypes313.dllJump to behavior
      Source: C:\Users\user\Desktop\file.exeSection loaded: dnsapi.dllJump to behavior
      Source: C:\Users\user\Desktop\file.exeSection loaded: rasadhlp.dllJump to behavior
      Source: C:\Users\user\Desktop\file.exeSection loaded: fwpuclnt.dllJump to behavior
      Source: C:\Users\user\Desktop\file.exeSection loaded: sspicli.dllJump to behavior
      Source: C:\Users\user\Desktop\file.exeSection loaded: dpapi.dllJump to behavior
      Source: C:\Users\user\Desktop\file.exeSection loaded: cryptbase.dllJump to behavior
      Source: C:\Users\user\Desktop\file.exeSection loaded: ntmarta.dllJump to behavior
      Source: C:\Users\user\Desktop\file.exeSection loaded: kernel.appcore.dllJump to behavior
      Source: C:\Windows\System32\cmd.exeSection loaded: apphelp.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: apphelp.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: kernel.appcore.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: uxtheme.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: dxdiagn.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: d3d11.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: d3d12.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: cryptsp.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: powrprof.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: devobj.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: winmmbase.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: dxgi.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: wmiclnt.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: dxgi.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: umpdc.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: msasn1.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: wbemcomn.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: amsi.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: userenv.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: profapi.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: winbrand.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: wldp.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: windows.storage.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: wldp.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: dsound.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: resourcepolicyclient.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: devrtl.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: spinf.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: drvstore.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: rsaenh.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: cryptbase.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: gpapi.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: spfileq.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: wifidisplay.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: sspicli.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: dnsapi.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: iphlpapi.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: mswsock.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: wlanapi.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: mmdevapi.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: mfplat.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: rtworkq.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: mf.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: mfcore.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: ksuser.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: mfsensorgroup.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: comppkgsup.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: windows.media.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: windows.applicationmodel.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: twinapi.appcore.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: appxdeploymentclient.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: windows.staterepositoryps.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: wintypes.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: dispbroker.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: d3d12core.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: dxcore.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: d3d10warp.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: dxilconv.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: d3dscache.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: d3d10warp.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: d3d10warp.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: d3d10warp.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: d3d10warp.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: d3d10warp.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: d3d10warp.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: d3d10warp.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: d3d10warp.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: d3d10warp.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: d3d9.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: dwmapi.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: d3d10warp.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: mscat32.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: d3d9.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: dwmapi.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: d3d10warp.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: ddraw.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: dciman32.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: d3d10warp.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: winmm.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: avrt.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: audioses.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: msacm32.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: midimap.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: winmm.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: winmm.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: dinput8.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: hid.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: winmm.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: inputhost.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: coremessaging.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: propsys.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: coreuicomponents.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: ntmarta.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: devenum.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: msdmo.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: quartz.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: d3d9.dllJump to behavior
      Source: C:\Windows\System32\dxdiag.exeSection loaded: dwmapi.dllJump to behavior
      Source: C:\Windows\System32\taskkill.exeSection loaded: version.dllJump to behavior
      Source: C:\Windows\System32\taskkill.exeSection loaded: mpr.dllJump to behavior
      Source: C:\Windows\System32\taskkill.exeSection loaded: framedynos.dllJump to behavior
      Source: C:\Windows\System32\taskkill.exeSection loaded: dbghelp.dllJump to behavior
      Source: C:\Windows\System32\taskkill.exeSection loaded: sspicli.dllJump to behavior
      Source: C:\Windows\System32\taskkill.exeSection loaded: srvcli.dllJump to behavior
      Source: C:\Windows\System32\taskkill.exeSection loaded: netutils.dllJump to behavior
      Source: C:\Windows\System32\taskkill.exeSection loaded: sspicli.dllJump to behavior
      Source: C:\Windows\System32\taskkill.exeSection loaded: kernel.appcore.dllJump to behavior
      Source: C:\Windows\System32\taskkill.exeSection loaded: wbemcomn.dllJump to behavior
      Source: C:\Windows\System32\taskkill.exeSection loaded: winsta.dllJump to behavior
      Source: C:\Windows\System32\taskkill.exeSection loaded: amsi.dllJump to behavior
      Source: C:\Windows\System32\taskkill.exeSection loaded: userenv.dllJump to behavior
      Source: C:\Windows\System32\taskkill.exeSection loaded: profapi.dllJump to behavior
      Source: C:\Windows\System32\taskkill.exeSection loaded: version.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: mpr.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: framedynos.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: dbghelp.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: sspicli.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: srvcli.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: netutils.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: sspicli.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: kernel.appcore.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: wbemcomn.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: winsta.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: amsi.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: userenv.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: profapi.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: version.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: mpr.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: framedynos.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: dbghelp.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: sspicli.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: srvcli.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: netutils.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: sspicli.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: kernel.appcore.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: wbemcomn.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: winsta.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: amsi.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: userenv.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: profapi.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: version.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: mpr.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: framedynos.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: dbghelp.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: sspicli.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: srvcli.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: netutils.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: kernel.appcore.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: wbemcomn.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: winsta.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: amsi.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: userenv.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: profapi.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: version.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: mpr.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: framedynos.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: sspicli.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: dbghelp.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: srvcli.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: netutils.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: kernel.appcore.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: wbemcomn.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: winsta.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: amsi.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: userenv.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: profapi.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: version.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: mpr.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: framedynos.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: dbghelp.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: sspicli.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: srvcli.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: netutils.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: sspicli.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: kernel.appcore.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: wbemcomn.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: winsta.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: amsi.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: userenv.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: profapi.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: version.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: mpr.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: framedynos.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: dbghelp.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: sspicli.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: srvcli.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: netutils.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: sspicli.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: kernel.appcore.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: wbemcomn.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: winsta.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: amsi.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: userenv.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: profapi.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: version.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: mpr.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: framedynos.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: dbghelp.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: sspicli.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: srvcli.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: netutils.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: sspicli.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: kernel.appcore.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: wbemcomn.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: winsta.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: amsi.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: userenv.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: profapi.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: version.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: mpr.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: framedynos.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: dbghelp.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: sspicli.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: srvcli.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: netutils.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: sspicli.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: kernel.appcore.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: wbemcomn.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: winsta.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: amsi.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: userenv.dll
      Source: C:\Windows\System32\taskkill.exeSection loaded: profapi.dll
      Source: C:\Windows\System32\dxdiag.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A65B8071-3BFE-4213-9A5B-491DA4461CA7}\InprocServer32Jump to behavior
      Source: Window RecorderWindow detected: More than 3 window changes detected
      Source: file.exeStatic PE information: Image base 0x140000000 > 0x60000000
      Source: file.exeStatic file information: File size 13960143 > 1048576
      Source: file.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_IMPORT
      Source: file.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_RESOURCE
      Source: file.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_BASERELOC
      Source: file.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG
      Source: file.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG
      Source: file.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_IAT
      Source: file.exeStatic PE information: HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, GUARD_CF, TERMINAL_SERVER_AWARE
      Source: file.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG
      Source: Binary string: D:\a\1\b\bin\amd64\unicodedata.pdb source: file.exe, 00000000.00000003.2068182140.000001B657028000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.3011828823.00007FF8A8097000.00000002.00000001.01000000.00000018.sdmp
      Source: Binary string: D:\a\1\b\libcrypto-3.pdb| source: file.exe, 00000002.00000002.3014036096.00007FF8A84EA000.00000002.00000001.01000000.0000000F.sdmp
      Source: Binary string: D:\a\1\b\libssl-3.pdbDD source: file.exe, 00000002.00000002.3020594383.00007FF8A9355000.00000002.00000001.01000000.00000013.sdmp
      Source: Binary string: D:\a\pywin32\pywin32\build\temp.win-amd64-cpython-313\Release\pywintypes.pdb** source: file.exe, 00000002.00000002.3021936981.00007FF8B0551000.00000002.00000001.01000000.0000002C.sdmp
      Source: Binary string: D:\a\1\b\bin\amd64\_wmi.pdb(('GCTL source: file.exe, 00000000.00000003.2051328230.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.3033965402.00007FF8BA4F4000.00000002.00000001.01000000.0000000A.sdmp
      Source: Binary string: @ compiler: cl /Zi /Fdossl_static.pdb /Gs0 /GF /Gy /MD /W3 /wd4090 /nologo /O2 -DL_ENDIAN -DOPENSSL_PIC -D"OPENSSL_BUILDING_OPENSSL" -D"OPENSSL_SYS_WIN32" -D"WIN32_LEAN_AND_MEAN" -D"UNICODE" -D"_UNICODE" -D"_CRT_SECURE_NO_DEPRECATE" -D"_WINSOCK_DEPRECATED_NO_WARNINGS" -D"NDEBUG"OpenSSL 3.0.15 3 Sep 20243.0.15built on: Wed Sep 4 15:52:04 2024 UTCplatform: VC-WIN64A-masmOPENSSLDIR: "C:\Program Files\Common Files\SSL"ENGINESDIR: "C:\Program Files\OpenSSL\lib\engines-3"MODULESDIR: "C:\Program Files\OpenSSL\lib\ossl-modules"CPUINFO: N/Anot availableget_and_lock..\s\crypto\ex_data.cossl_crypto_get_ex_new_index_exossl_crypto_new_ex_data_exCRYPTO_dup_ex_dataCRYPTO_set_ex_dataOPENSSL_WIN32_UTF8..\s\crypto\getenv.ccompiler: cl /Zi /Fdossl_static.pdb /Gs0 /GF /Gy /MD /W3 /wd4090 /nologo /O2 -DL_ENDIAN -DOPENSSL_PIC -D"OPENSSL_BUILDING_OPENSSL" -D"OPENSSL_SYS_WIN32" -D"WIN32_LEAN_AND_MEAN" -D"UNICODE" -D"_UNICODE" -D"_CRT_SECURE_NO_DEPRECATE" -D"_WINSOCK_DEPRECATED_NO_WARNINGS" -D"NDEBUG";CPUINFO: OPENSSL_ia32cap=0x%llx:0x%llxOPENSSL_ia32cap env:%sos-specificC:\Program Files\Common Files\SSLC:\Program Files\OpenSSL\lib\ossl-modules.dllCPUINFO: ..\s\crypto\init.cOPENSSL_init_cryptoOPENSSL_atexit..\s\crypto\initthread.c..\s\crypto\mem_sec.cassertion failed: (bit & 1) == 0assertion failed: list >= 0 && list < sh.freelist_sizeassertion failed: ((ptr - sh.arena) & ((sh.arena_size >> list) - 1)) == 0assertion failed: bit > 0 && bit < sh.bittable_sizeassertion failed: TESTBIT(table, bit)assertion failed: !TESTBIT(table, bit)assertion failed: WITHIN_FREELIST(list)assertion failed: WITHIN_ARENA(ptr)assertion failed: temp->next == NULL || WITHIN_ARENA(temp->next)assertion failed: (char **)temp->next->p_next == listassertion failed: WITHIN_FREELIST(temp2->p_next) || WITHIN_ARENA(temp2->p_next)assertion failed: size > 0assertion failed: (size & (size - 1)) == 0assertion failed: (minsize & (minsize - 1)) == 0assertion failed: sh.freelist != NULLassertion failed: sh.bittable != NULLassertion failed: sh.bitmalloc != NULLassertion failed: !sh_testbit(temp, slist, sh.bitmalloc)assertion failed: temp != sh.freelist[slist]assertion failed: sh.freelist[slist] == tempassertion failed: temp-(sh.arena_size >> slist) == sh_find_my_buddy(temp, slist)assertion failed: sh_testbit(chunk, list, sh.bittable)assertion failed: WITHIN_ARENA(chunk)assertion failed: sh_testbit(ptr, list, sh.bittable)assertion failed: ptr == sh_find_my_buddy(buddy, list)assertion failed: ptr != NULLassertion failed: !sh_testbit(ptr, list, sh.bitmalloc)assertion failed: sh.freelist[list] == ptr/*0123456789ABCDEFCRYPTO_memdup..\s\crypto\o_str.chexstr2buf_sepossl_hexstr2buf_sepbuf2hexstr_sepossl_buf2hexstr_sep..\s\crypto\packet.cwpacket_intern_init_lenWPACKET_start_sub_packet_len__..\s\crypto\param_build.cparam_pushparam_push_numOSSL_PARAM_BLD_push_BN_padNegative big numbers are unsupported for OSSL_PARAMOSSL_PARAM_BLD_push_utf8_stringOSSL_PARAM_BLD_push_utf8_ptrOSSL_PARAM_BLD_push_octet_stringOSSL_PARAM_BLD_p
      Source: Binary string: D:\a\1\b\bin\amd64\_overlapped.pdb source: file.exe, 00000000.00000003.2050713108.000001B657026000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: D:\a\_work\1\s\binaries\amd64ret\bin\amd64\\vcruntime140.amd64.pdb source: file.exe, 00000000.00000003.2049216445.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.3033498205.00007FF8B9F74000.00000002.00000001.01000000.00000005.sdmp
      Source: Binary string: compiler: cl /Zi /Fdossl_static.pdb /Gs0 /GF /Gy /MD /W3 /wd4090 /nologo /O2 -DL_ENDIAN -DOPENSSL_PIC -D"OPENSSL_BUILDING_OPENSSL" -D"OPENSSL_SYS_WIN32" -D"WIN32_LEAN_AND_MEAN" -D"UNICODE" -D"_UNICODE" -D"_CRT_SECURE_NO_DEPRECATE" -D"_WINSOCK_DEPRECATED_NO_WARNINGS" -D"NDEBUG" source: file.exe, 00000002.00000002.3014036096.00007FF8A8452000.00000002.00000001.01000000.0000000F.sdmp
      Source: Binary string: D:\a\_work\1\s\binaries\amd64ret\bin\amd64\\vcruntime140.amd64.pdbGCTL source: file.exe, 00000000.00000003.2049216445.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.3033498205.00007FF8B9F74000.00000002.00000001.01000000.00000005.sdmp
      Source: Binary string: D:\a\1\b\bin\amd64\sqlite3.pdb source: file.exe, 00000002.00000002.3019473856.00007FF8A8EF4000.00000002.00000001.01000000.00000015.sdmp
      Source: Binary string: D:\a\1\b\libcrypto-3.pdb source: file.exe, 00000002.00000002.3014036096.00007FF8A84EA000.00000002.00000001.01000000.0000000F.sdmp
      Source: Binary string: D:\a\1\b\bin\amd64\_multiprocessing.pdb source: file.exe, 00000000.00000003.2050624895.000001B657026000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: D:\a\pywin32\pywin32\build\temp.win-amd64-cpython-313\Release\win32crypt.pdb!! source: file.exe, 00000002.00000002.3022290738.00007FF8B27C2000.00000002.00000001.01000000.0000002B.sdmp
      Source: Binary string: D:\a\_work\1\s\binaries\amd64ret\bin\amd64\\vcruntime140_1.amd64.pdb source: file.exe, 00000000.00000003.2049368690.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.3033097659.00007FF8B9845000.00000002.00000001.01000000.0000000B.sdmp
      Source: Binary string: D:\a\1\b\bin\amd64\select.pdb source: file.exe, 00000000.00000003.2060453259.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.3030572834.00007FF8B8AF3000.00000002.00000001.01000000.00000011.sdmp
      Source: Binary string: D:\a\pywin32\pywin32\build\temp.win-amd64-cpython-313\Release\pywintypes.pdb source: file.exe, 00000002.00000002.3021936981.00007FF8B0551000.00000002.00000001.01000000.0000002C.sdmp
      Source: Binary string: D:\a\1\b\bin\amd64\_hashlib.pdb source: file.exe, 00000000.00000003.2050145976.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.3031679829.00007FF8B8C16000.00000002.00000001.01000000.0000000E.sdmp
      Source: Binary string: D:\a\1\b\bin\amd64\_lzma.pdbNN source: file.exe, 00000000.00000003.2050255451.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.3031274173.00007FF8B8B3B000.00000002.00000001.01000000.00000009.sdmp
      Source: Binary string: D:\a\1\b\bin\amd64\_asyncio.pdb source: file.exe, 00000000.00000003.2049466267.000001B657026000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: D:\a\1\b\bin\amd64\pyexpat.pdb source: file.exe, 00000002.00000002.3029608974.00007FF8B7E52000.00000002.00000001.01000000.0000000C.sdmp
      Source: Binary string: D:\a\1\b\bin\amd64\_queue.pdb source: file.exe, 00000000.00000003.2050810113.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.3032023397.00007FF8B8CB3000.00000002.00000001.01000000.0000000D.sdmp
      Source: Binary string: D:\a\pywin32\pywin32\build\temp.win-amd64-cpython-313\Release\win32crypt.pdb source: file.exe, 00000002.00000002.3022290738.00007FF8B27C2000.00000002.00000001.01000000.0000002B.sdmp
      Source: Binary string: D:\a\1\b\bin\amd64\_lzma.pdb source: file.exe, 00000000.00000003.2050255451.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.3031274173.00007FF8B8B3B000.00000002.00000001.01000000.00000009.sdmp
      Source: Binary string: D:\a\1\b\bin\amd64\_bz2.pdb source: file.exe, 00000000.00000003.2049580462.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.3032736724.00007FF8B93CD000.00000002.00000001.01000000.00000008.sdmp
      Source: Binary string: D:\a\1\b\bin\amd64\_wmi.pdb source: file.exe, 00000000.00000003.2051328230.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.3033965402.00007FF8BA4F4000.00000002.00000001.01000000.0000000A.sdmp
      Source: Binary string: D:\a\1\b\bin\amd64\_socket.pdb source: file.exe, 00000000.00000003.2050892723.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.3030933816.00007FF8B8B09000.00000002.00000001.01000000.00000010.sdmp
      Source: Binary string: D:\a\1\b\bin\amd64\_sqlite3.pdb source: file.exe, 00000002.00000002.3028806832.00007FF8B7DEF000.00000002.00000001.01000000.00000014.sdmp
      Source: Binary string: D:\a\1\b\bin\amd64\python313.pdb source: file.exe, 00000002.00000002.3015838667.00007FF8A89B8000.00000002.00000001.01000000.00000004.sdmp
      Source: Binary string: D:\a\_work\1\s\binaries\amd64ret\bin\amd64\\vcruntime140_1.amd64.pdbGCTL source: file.exe, 00000000.00000003.2049368690.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.3033097659.00007FF8B9845000.00000002.00000001.01000000.0000000B.sdmp
      Source: Binary string: D:\a\1\b\libssl-3.pdb source: file.exe, 00000002.00000002.3020594383.00007FF8A9355000.00000002.00000001.01000000.00000013.sdmp
      Source: Binary string: D:\a\1\b\bin\amd64\_ssl.pdb source: file.exe, 00000002.00000002.3029130513.00007FF8B7E0E000.00000002.00000001.01000000.00000012.sdmp
      Source: file.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_IMPORT is in: .rdata
      Source: file.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_RESOURCE is in: .rsrc
      Source: file.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_BASERELOC is in: .reloc
      Source: file.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG is in: .rdata
      Source: file.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_IAT is in: .rdata
      Source: VCRUNTIME140.dll.0.drStatic PE information: 0x78BDDED1 [Sat Mar 11 17:01:05 2034 UTC]
      Source: VCRUNTIME140.dll.0.drStatic PE information: section name: fothk
      Source: VCRUNTIME140.dll.0.drStatic PE information: section name: _RDATA
      Source: libcrypto-3.dll.0.drStatic PE information: section name: .00cfg
      Source: libssl-3.dll.0.drStatic PE information: section name: .00cfg
      Source: python313.dll.0.drStatic PE information: section name: PyRuntim
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF8A8E0267D push rbx; retf 2_2_00007FF8A8E02685
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF8A8E027AE push rsp; iretd 2_2_00007FF8A8E027B9

      Persistence and Installation Behavior

      barindex
      Found pyInstaller with non standard icon
      Source: C:\Users\user\Desktop\file.exeProcess created: "C:\Users\user\Desktop\file.exe"
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI68482\_socket.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_raw_arc2.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Hash\_keccak.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI68482\_overlapped.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI68482\python313.dllJump to dropped file
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_raw_des3.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI68482\_ctypes.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_raw_eksblowfish.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI68482\VCRUNTIME140.dllJump to dropped file
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI68482\_lzma.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI68482\charset_normalizer\md.cp313-win_amd64.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI68482\win32\win32crypt.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_Salsa20.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Hash\_poly1305.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_ARC4.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI68482\_multiprocessing.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_raw_aes.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_raw_ofb.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\PublicKey\_curve448.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI68482\unicodedata.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_raw_cbc.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Protocol\_scrypt.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_raw_ocb.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Hash\_MD2.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_raw_des.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI68482\_cffi_backend.cp313-win_amd64.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_raw_ecb.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI68482\sqlite3.dllJump to dropped file
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI68482\select.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_chacha20.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI68482\_sqlite3.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI68482\libssl-3.dllJump to dropped file
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Hash\_RIPEMD160.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI68482\charset_normalizer\md__mypyc.cp313-win_amd64.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\PublicKey\_ed25519.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI68482\_ssl.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_pkcs1_decode.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Hash\_SHA1.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\PublicKey\_curve25519.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI68482\VCRUNTIME140_1.dllJump to dropped file
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI68482\libffi-8.dllJump to dropped file
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI68482\_wmi.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Hash\_MD5.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI68482\_hashlib.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI68482\_decimal.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Math\_modexp.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI68482\_asyncio.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Hash\_ghash_portable.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_raw_cast.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\PublicKey\_ed448.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI68482\_queue.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI68482\libcrypto-3.dllJump to dropped file
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Hash\_MD4.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI68482\pywin32_system32\pywintypes313.dllJump to dropped file
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\PublicKey\_ec_ws.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_raw_cfb.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Hash\_SHA224.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Hash\_SHA512.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_raw_blowfish.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Util\_cpuid_c.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Util\_strxor.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Hash\_BLAKE2s.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Hash\_BLAKE2b.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_raw_aesni.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI68482\pyexpat.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Hash\_SHA384.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI68482\_bz2.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_raw_ctr.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Hash\_ghash_clmul.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Hash\_SHA256.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI68482\setuptools\_vendor\wheel-0.43.0.dist-info\LICENSE.txtJump to behavior
      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00007FF7A0C276C0 GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,0_2_00007FF7A0C276C0
      Source: C:\Windows\System32\dxdiag.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\dxdiag.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\dxdiag.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\taskkill.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\taskkill.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\taskkill.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\taskkill.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\taskkill.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\taskkill.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\taskkill.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\taskkill.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\taskkill.exeProcess information set: NOOPENFILEERRORBOX

      Malware Analysis System Evasion

      barindex
      Queries sensitive disk information (via WMI, Win32_DiskDrive, often done to detect virtual machines)
      Source: C:\Windows\System32\dxdiag.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : ASSOCIATORS OF {Win32_DiskPartition.DeviceID=&quot;Disk #0, Partition #1&quot;} WHERE ResultClass = Win32_DiskDrive
      Source: C:\Windows\System32\dxdiag.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : select * from Win32_DiskDriveToDiskPartition where Dependent=&quot;Win32_DiskPartition.DeviceID=\&quot;Disk #0, Partition #1\&quot;&quot;
      Queries sensitive service information (via WMI, Win32_LogicalDisk, often done to detect sandboxes)
      Source: C:\Windows\System32\dxdiag.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : Select * from Win32_LogicalDisk Where DriveType=3
      Query firmware table information (likely to detect VMs)
      Source: C:\Windows\System32\dxdiag.exeSystem information queried: FirmwareTableInformationJump to behavior
      Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)
      Source: file.exe, 00000002.00000002.3005777212.00000280794C0000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: PROCESSHACKER.EXE
      Source: file.exe, 00000002.00000002.3005777212.00000280794C0000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: OLLYDBG.EXE
      Source: file.exe, 00000002.00000002.3005777212.00000280794C0000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: DWIRESHARK.EXE
      Source: file.exe, 00000002.00000002.3005777212.00000280794C0000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: QEMU-GA.EXE
      Source: file.exe, 00000002.00000002.3005777212.00000280794C0000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: VMUSRVC.EXE
      Source: file.exe, 00000002.00000002.3005777212.00000280794C0000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: X64DBG.EXE
      Source: file.exe, 00000002.00000002.3005777212.00000280794C0000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: DXENSERVICE.EXE
      Source: file.exe, 00000002.00000002.3005777212.00000280794C0000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: DX64DBG.EXE
      Source: file.exe, 00000002.00000002.3005777212.00000280794C0000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: DFIDDLER.EXE
      Source: file.exe, 00000002.00000002.3005777212.00000280794C0000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: DOLLYDBG.EXE
      Source: file.exe, 00000002.00000002.3005777212.00000280794C0000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: DQEMU-GA.EXE
      Source: file.exe, 00000002.00000002.3005777212.00000280794C0000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: DVMUSRVC.EXE
      Source: file.exe, 00000002.00000002.3005777212.00000280794C0000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: FIDDLER.EXE
      Source: file.exe, 00000002.00000002.3005777212.00000280794C0000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: XENSERVICE.EXE
      Source: file.exe, 00000002.00000002.3005777212.00000280794C0000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: DPROCESSHACKER.EXE
      Source: file.exe, 00000002.00000002.3005777212.00000280794C0000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: WIRESHARK.EXE
      Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI68482\_socket.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_raw_arc2.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Hash\_keccak.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI68482\_overlapped.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI68482\python313.dllJump to dropped file
      Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_raw_des3.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI68482\_ctypes.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI68482\_lzma.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_raw_eksblowfish.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI68482\charset_normalizer\md.cp313-win_amd64.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI68482\win32\win32crypt.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_Salsa20.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Hash\_poly1305.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_ARC4.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI68482\_multiprocessing.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_raw_ofb.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_raw_aes.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\PublicKey\_curve448.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI68482\unicodedata.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_raw_cbc.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Protocol\_scrypt.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_raw_ocb.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Hash\_MD2.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_raw_des.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI68482\_cffi_backend.cp313-win_amd64.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_raw_ecb.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI68482\select.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_chacha20.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI68482\_sqlite3.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Hash\_RIPEMD160.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI68482\charset_normalizer\md__mypyc.cp313-win_amd64.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI68482\_ssl.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\PublicKey\_ed25519.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\PublicKey\_curve25519.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_pkcs1_decode.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Hash\_SHA1.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI68482\_wmi.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Hash\_MD5.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI68482\_hashlib.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI68482\_decimal.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Math\_modexp.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI68482\_asyncio.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Hash\_ghash_portable.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\PublicKey\_ed448.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_raw_cast.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI68482\_queue.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Hash\_MD4.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\PublicKey\_ec_ws.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_raw_cfb.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Hash\_SHA224.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Hash\_SHA512.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_raw_blowfish.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Util\_cpuid_c.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Util\_strxor.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Hash\_BLAKE2s.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_raw_aesni.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Hash\_BLAKE2b.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI68482\pyexpat.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Hash\_SHA384.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI68482\_bz2.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_raw_ctr.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Hash\_ghash_clmul.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Hash\_SHA256.pydJump to dropped file
      Source: C:\Users\user\Desktop\file.exeCheck user administrative privileges: GetTokenInformation,DecisionNodesgraph_0-18251
      Source: C:\Users\user\Desktop\file.exeAPI coverage: 3.9 %
      Source: C:\Windows\System32\dxdiag.exeWMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_BIOS
      Source: C:\Windows\System32\dxdiag.exeWMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_ComputerSystem
      Source: C:\Windows\System32\dxdiag.exeWMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_Processor
      Source: C:\Windows\System32\dxdiag.exeWMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_Processor
      Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
      Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
      Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
      Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
      Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
      Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00007FF7A0C29280 FindFirstFileExW,FindClose,0_2_00007FF7A0C29280
      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00007FF7A0C283C0 FindFirstFileW,RemoveDirectoryW,DeleteFileW,FindNextFileW,FindClose,RemoveDirectoryW,0_2_00007FF7A0C283C0
      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00007FF7A0C41874 _invalid_parameter_noinfo,FindFirstFileExW,FindNextFileW,FindClose,FindClose,0_2_00007FF7A0C41874
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF7A0C29280 FindFirstFileExW,FindClose,2_2_00007FF7A0C29280
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF7A0C283C0 FindFirstFileW,RemoveDirectoryW,DeleteFileW,FindNextFileW,FindClose,RemoveDirectoryW,2_2_00007FF7A0C283C0
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF7A0C41874 _invalid_parameter_noinfo,FindFirstFileExW,FindNextFileW,FindClose,FindClose,2_2_00007FF7A0C41874
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF8A8DD1230 GetSystemInfo,2_2_00007FF8A8DD1230
      Source: file.exe, 00000002.00000002.3005777212.00000280794C0000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: vboxtray.exe
      Source: file.exe, 00000000.00000003.2051936547.000001B657026000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: j2aTPs+9xYa9+bG3tD60B8jzljHz7aRP+KNOjSkVWLjVb3/ubCK1sK9IRQq9qEmU
      Source: file.exe, 00000002.00000002.3005777212.00000280794C0000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: vmwaretray.exe
      Source: file.exe, 00000002.00000002.3005777212.00000280794C0000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: vmusrvc.exe
      Source: file.exe, 00000002.00000002.3005777212.00000280794C0000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: dvmusrvc.exe
      Source: file.exe, 00000002.00000002.3005777212.00000280794C0000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: vmtoolsd.exe
      Source: file.exe, 00000002.00000002.3005777212.00000280794C0000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: dvmwaretray.exe
      Source: file.exe, 00000002.00000002.3005777212.00000280794C0000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: qemu-ga.exe
      Source: file.exe, 00000002.00000002.3005777212.00000280794C0000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: dqemu-ga.exe
      Source: file.exe, 00000002.00000002.3005777212.00000280794C0000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: dVMware SVGA 3D
      Source: file.exe, 00000002.00000002.3005777212.00000280794C0000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: dvboxtray.exe
      Source: file.exe, 00000002.00000003.2920262906.0000028078BEC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2624856475.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2918098604.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.3003367910.0000028078C30000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2922806906.0000028078C29000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2986726124.0000028078C2F000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2935661271.0000028078C2E000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW
      Source: file.exe, 00000002.00000002.3005777212.00000280794C0000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: dvmtoolsd.exe
      Source: file.exe, 00000002.00000002.3005777212.00000280794C0000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: dvboxservice.exe
      Source: file.exe, 00000002.00000002.3004852665.0000028078E50000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: dro.kernel.qemu
      Source: file.exe, 00000002.00000002.3005777212.00000280794C0000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: vmwareuser.exe
      Source: file.exe, 00000002.00000002.3005777212.00000280794C0000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: VMware SVGA 3D
      Source: file.exe, 00000002.00000002.3005777212.00000280794C0000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: Microsoft Hyper-V Video
      Source: file.exe, 00000002.00000002.3005777212.00000280794C0000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: dvmsrvc.exe
      Source: file.exe, 00000002.00000002.3005777212.00000280794C0000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: dMicrosoft Hyper-V Video
      Source: file.exe, 00000002.00000002.3005777212.00000280794C0000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: dvmwareuser.exe
      Source: file.exe, 00000002.00000002.3004852665.0000028078E50000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: ro.kernel.qemu
      Source: file.exe, 00000002.00000003.2087222250.0000028078692000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: ro.kernel.qemur
      Source: file.exe, 00000002.00000002.3005777212.00000280794C0000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: vmsrvc.exe
      Source: file.exe, 00000002.00000002.3005777212.00000280794C0000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: vboxservice.exe
      Source: C:\Windows\System32\dxdiag.exeProcess information queried: ProcessInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00007FF7A0C2D12C IsProcessorFeaturePresent,RtlCaptureContext,RtlLookupFunctionEntry,RtlVirtualUnwind,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,0_2_00007FF7A0C2D12C
      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00007FF7A0C43480 GetProcessHeap,0_2_00007FF7A0C43480
      Source: C:\Windows\System32\taskkill.exeProcess token adjusted: DebugJump to behavior
      Source: C:\Windows\System32\taskkill.exeProcess token adjusted: Debug
      Source: C:\Windows\System32\taskkill.exeProcess token adjusted: Debug
      Source: C:\Windows\System32\taskkill.exeProcess token adjusted: Debug
      Source: C:\Windows\System32\taskkill.exeProcess token adjusted: Debug
      Source: C:\Windows\System32\taskkill.exeProcess token adjusted: Debug
      Source: C:\Windows\System32\taskkill.exeProcess token adjusted: Debug
      Source: C:\Windows\System32\taskkill.exeProcess token adjusted: Debug
      Source: C:\Windows\System32\taskkill.exeProcess token adjusted: Debug
      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00007FF7A0C2D12C IsProcessorFeaturePresent,RtlCaptureContext,RtlLookupFunctionEntry,RtlVirtualUnwind,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,0_2_00007FF7A0C2D12C
      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00007FF7A0C2D30C SetUnhandledExceptionFilter,0_2_00007FF7A0C2D30C
      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00007FF7A0C3A614 RtlCaptureContext,RtlLookupFunctionEntry,RtlVirtualUnwind,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,0_2_00007FF7A0C3A614
      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00007FF7A0C2C8A0 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,0_2_00007FF7A0C2C8A0
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF7A0C2D12C IsProcessorFeaturePresent,RtlCaptureContext,RtlLookupFunctionEntry,RtlVirtualUnwind,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,2_2_00007FF7A0C2D12C
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF7A0C2D30C SetUnhandledExceptionFilter,2_2_00007FF7A0C2D30C
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF7A0C3A614 RtlCaptureContext,RtlLookupFunctionEntry,RtlVirtualUnwind,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,2_2_00007FF7A0C3A614
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF7A0C2C8A0 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,2_2_00007FF7A0C2C8A0
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF8A7FF3248 IsProcessorFeaturePresent,memset,RtlCaptureContext,RtlLookupFunctionEntry,RtlVirtualUnwind,memset,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,2_2_00007FF8A7FF3248
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF8A7FF2C90 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,2_2_00007FF8A7FF2C90
      Source: C:\Users\user\Desktop\file.exeCode function: 2_2_00007FF8A8EF2920 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,2_2_00007FF8A8EF2920

      HIPS / PFW / Operating System Protection Evasion

      barindex
      Excessive usage of taskkill to terminate processes
      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Windows\System32\taskkill.exe taskkill /F /IM chrome.exeJump to behavior
      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Windows\System32\taskkill.exe taskkill /F /IM chrome.exeJump to behavior
      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Windows\System32\taskkill.exe taskkill /F /IM chrome.exeJump to behavior
      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Windows\System32\taskkill.exe taskkill /F /IM msedge.exeJump to behavior
      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Windows\System32\taskkill.exe taskkill /F /IM msedge.exeJump to behavior
      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Windows\System32\taskkill.exe taskkill /F /IM msedge.exeJump to behavior
      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Windows\System32\taskkill.exe taskkill /F /IM msedge.exeJump to behavior
      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Windows\System32\taskkill.exe taskkill /F /IM msedge.exeJump to behavior
      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Windows\System32\taskkill.exe taskkill /F /IM msedge.exeJump to behavior
      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Windows\System32\taskkill.exe taskkill /F /IM chrome.exeJump to behavior
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Windows\System32\taskkill.exe taskkill /F /IM msedge.exe
      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Users\user\Desktop\file.exe "C:\Users\user\Desktop\file.exe"Jump to behavior
      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c "dxdiag /t C:\Users\user\AppData\Local\Bunny\Info.txt"Jump to behavior
      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\dxdiag.exe dxdiag /t C:\Users\user\AppData\Local\Bunny\Info.txtJump to behavior
      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Windows\System32\taskkill.exe taskkill /F /IM chrome.exeJump to behavior
      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Windows\System32\taskkill.exe taskkill /F /IM chrome.exeJump to behavior
      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Windows\System32\taskkill.exe taskkill /F /IM chrome.exeJump to behavior
      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Windows\System32\taskkill.exe taskkill /F /IM msedge.exeJump to behavior
      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Windows\System32\taskkill.exe taskkill /F /IM msedge.exeJump to behavior
      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Windows\System32\taskkill.exe taskkill /F /IM msedge.exeJump to behavior
      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Windows\System32\taskkill.exe taskkill /F /IM msedge.exeJump to behavior
      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Windows\System32\taskkill.exe taskkill /F /IM msedge.exeJump to behavior
      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Windows\System32\taskkill.exe taskkill /F /IM msedge.exeJump to behavior
      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Windows\System32\taskkill.exe taskkill /F /IM chrome.exeJump to behavior
      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Windows\System32\taskkill.exe taskkill /F /IM msedge.exe
      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00007FF7A0C49570 cpuid 0_2_00007FF7A0C49570
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Hash VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Hash VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Hash VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Hash VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Hash VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\PublicKey VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Util VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\certifi VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\setuptools VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\setuptools\_vendor VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\setuptools VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\setuptools VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\setuptools VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\setuptools VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\setuptools VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\setuptools\_vendor VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\setuptools VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\setuptools\_vendor VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\setuptools VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\setuptools\_vendor VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\setuptools VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\setuptools\_vendor VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\setuptools\_vendor\wheel-0.43.0.dist-info VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\setuptools VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\setuptools\_vendor VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\setuptools\_vendor\wheel-0.43.0.dist-info VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\setuptools VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\setuptools\_vendor VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\setuptools\_vendor\wheel-0.43.0.dist-info VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\setuptools VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\setuptools\_vendor VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\setuptools\_vendor\wheel-0.43.0.dist-info VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\setuptools VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\setuptools\_vendor VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\setuptools\_vendor\wheel-0.43.0.dist-info VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\setuptools VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\setuptools\_vendor VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\setuptools\_vendor\wheel-0.43.0.dist-info VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\base_library.zip VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\base_library.zip VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\base_library.zip VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\base_library.zip VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\base_library.zip VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\base_library.zip VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\base_library.zip VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\base_library.zip VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\base_library.zip VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\base_library.zip VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\base_library.zip VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\_ctypes.pyd VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\base_library.zip VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\base_library.zip VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\base_library.zip VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\base_library.zip VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\base_library.zip VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\base_library.zip VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\base_library.zip VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\base_library.zip VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\base_library.zip VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\base_library.zip VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\base_library.zip VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\base_library.zip VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\base_library.zip VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\base_library.zip VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\base_library.zip VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\base_library.zip VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\base_library.zip VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\base_library.zip VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\_bz2.pyd VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\_lzma.pyd VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\base_library.zip VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\base_library.zip VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\base_library.zip VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\base_library.zip VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\base_library.zip VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\base_library.zip VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\base_library.zip VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\win32 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\win32 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\_wmi.pyd VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\pyexpat.pyd VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\base_library.zip VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\base_library.zip VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\win32 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\pywin32_system32 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\setuptools\_vendor VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\setuptools\_vendor\jaraco VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\win32 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\pywin32_system32 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\setuptools\_vendor VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\base_library.zip VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\base_library.zip VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\_queue.pyd VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\_hashlib.pyd VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\_socket.pyd VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\select.pyd VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\_ssl.pyd VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\win32 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\pywin32_system32 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\setuptools\_vendor VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\setuptools\_vendor VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\win32 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\pywin32_system32 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\setuptools\_vendor VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\setuptools\_vendor\jaraco\text\Lorem ipsum.txt VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\setuptools\_vendor\jaraco\text\Lorem ipsum.txt VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\win32 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\pywin32_system32 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\setuptools\_vendor VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\setuptools VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\win32 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\pywin32_system32 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\setuptools\_vendor VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\setuptools VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\setuptools VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\win32 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\pywin32_system32 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\setuptools\_vendor VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\win32 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\pywin32_system32 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\setuptools\_vendor VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\setuptools VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\setuptools VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\base_library.zip VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\base_library.zip VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\base_library.zip VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\base_library.zip VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\base_library.zip VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\win32 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\pywin32_system32 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\setuptools\_vendor VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\_sqlite3.pyd VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\win32 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\pywin32_system32 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\setuptools\_vendor VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\win32 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\pywin32_system32 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\setuptools\_vendor VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\win32 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\setuptools\_vendor VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\win32 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\pywin32_system32 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\setuptools\_vendor VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\win32 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\win32 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\pywin32_system32 VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\setuptools\_vendor VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI68482\charset_normalizer VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
      Source: C:\Windows\System32\dxdiag.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0516~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
      Source: C:\Windows\System32\dxdiag.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0110~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
      Source: C:\Windows\System32\dxdiag.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0110~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00007FF7A0C2D010 GetSystemTimeAsFileTime,GetCurrentThreadId,GetCurrentProcessId,QueryPerformanceCounter,0_2_00007FF7A0C2D010
      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00007FF7A0C45C00 _get_daylight,_get_daylight,_get_daylight,_get_daylight,_get_daylight,GetTimeZoneInformation,0_2_00007FF7A0C45C00
      Source: C:\Windows\System32\dxdiag.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuidJump to behavior
      Source: file.exe, 00000002.00000002.3005777212.00000280794C0000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: OllyDbg.exe
      Source: file.exe, 00000002.00000002.3005777212.00000280794C0000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: Wireshark.exe
      Source: file.exe, 00000002.00000002.3005777212.00000280794C0000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: wireshark.exe
      Source: file.exe, 00000002.00000002.3005777212.00000280794C0000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: ollydbg.exe

      Stealing of Sensitive Information

      barindex
      Yara detected Telegram RAT
      Source: Yara matchFile source: 00000002.00000002.3005777212.00000280794C0000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
      Source: Yara matchFile source: Process Memory Space: file.exe PID: 5476, type: MEMORYSTR
      Tries to harvest and steal browser information (history, passwords, etc)
      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nkbihfbeogaeaoehlefnkodbefgpgknnJump to behavior
      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fhbohimaelbohpjbbldcngcnapndodjpJump to behavior
      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nphplpgoakhhjchkkhmiggakijnkhfndJump to behavior
      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\webdata.dbJump to behavior
      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aholpfdialjgjfhomihkjbmgjidlcdnoJump to behavior
      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hifafgmccdpekplomjjkcfgodnhcelljJump to behavior
      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lpfcbjknijpeeillifnkikgncikgfhdoJump to behavior
      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ejjladinnckdgjemekebdpeokbikhfciJump to behavior
      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mcohilncbfahbmgdjkbpemcciiolgcgeJump to behavior
      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web DataJump to behavior
      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\opcgpfmipidbgpenhmajoajpbobppdilJump to behavior
      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jnlgamecbpmbajjfhmmmlhejkemejdmaJump to behavior
      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\khpkpbbcccdmmclmpigdgddabeilkdpdJump to behavior
      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fhilaheimglignddkjgofkcbgekhenbhJump to behavior
      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aiifbnbfobpmeekipheeijimdpnlpgppJump to behavior
      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mgffkfbidihjpoaomajlbgchddlicgpnJump to behavior
      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mdjmfdffdcmnoblignmgpommbefadffdJump to behavior
      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ibnejdfjmmkpcnlpebklmnkoeoihofecJump to behavior
      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\amkmjjmmflddogmhpjloimipbofnfjihJump to behavior
      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dmkamcknogkgcdfhhbddcghachkejeapJump to behavior
      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hmeobnfnfcmdkdcmlblgagmfpfboieafJump to behavior
      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dlcobpjiigpikoobohmabehhmhfoodbbJump to behavior
      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\bhghoamapcdpbohphigoooaddinpkbaiJump to behavior
      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\passwords.dbJump to behavior
      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bfnaelmomeimhlpmgjnjophhpkkoljpaJump to behavior
      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ffnbelfdoeiohenkjibnmadjiehjhajbJump to behavior
      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ebfidpplhabeedpnhjnobghokpiiooljJump to behavior
      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ookjlbkiijinhpmnjffcofjonbfbgaocJump to behavior
      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cgeeodpfagjceefieflmdfphplkenlfkJump to behavior
      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dngmlblcodfobpdpecaadgfbcggfjfnmJump to behavior
      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aeachknmefphepccionboohckonoeemgJump to behavior
      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\epapihdplajcdnnkdeiahlgigofloibgJump to behavior
      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\efbglgofoippbgcjepnhiblaibcnclgkJump to behavior
      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login DataJump to behavior
      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Login DataJump to behavior
      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\key4.dbJump to behavior
      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pdadjkfkgcafgbceimcpbkalnfnepbnkJump to behavior
      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kncchdigobghenbbaddojjnnaogfppfjJump to behavior
      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\DefaultJump to behavior
      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fnjhmkhhmkbjkkabndcnnogagogbneecJump to behavior
      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hnfanknocfeofbddgcijnmhnfnkdnaadJump to behavior
      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\8pecxstudios\Cyberfox\profiles.iniJump to behavior
      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\profiles.iniJump to behavior
      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\afbcbjpbpfadlkmhmclhkeeodmamcflcJump to behavior

      Remote Access Functionality

      barindex
      Attempt to bypass Chrome Application-Bound Encryption
      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9876 --profile-directory=Default --remote-allow-origins=* --window-position=10000,10000 --window-size=1,1 --disable-gpu --no-sandbox
      Yara detected Telegram RAT
      Source: Yara matchFile source: 00000002.00000002.3005777212.00000280794C0000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
      Source: Yara matchFile source: Process Memory Space: file.exe PID: 5476, type: MEMORYSTR

      Mitre Att&ck Matrix

      ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
      Gather Victim Identity InformationAcquire InfrastructureValid Accounts231
      Windows Management Instrumentation      		1
      LSASS Driver      		1
      LSASS Driver      		11
      Disable or Modify Tools      		1
      OS Credential Dumping      		2
      System Time Discovery      		Remote Services1
      Archive Collected Data      		1
      Web Service      		Exfiltration Over Other Network MediumAbuse Accessibility Features
      CredentialsDomainsDefault Accounts1
      Native API      		1
      DLL Side-Loading      		1
      DLL Side-Loading      		1
      Deobfuscate/Decode Files or Information      		1
      Input Capture      		2
      File and Directory Discovery      		Remote Desktop Protocol1
      Data from Local System      		1
      Ingress Tool Transfer      		Exfiltration Over BluetoothNetwork Denial of Service
      Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)1
      Extra Window Memory Injection      		2
      Obfuscated Files or Information      		Security Account Manager145
      System Information Discovery      		SMB/Windows Admin Shares1
      Input Capture      		11
      Encrypted Channel      		Automated ExfiltrationData Encrypted for Impact
      Employee NamesVirtual Private ServerLocal AccountsCronLogin Hook11
      Process Injection      		1
      Timestomp      		NTDS451
      Security Software Discovery      		Distributed Component Object ModelInput Capture1
      Remote Access Software      		Traffic DuplicationData Destruction
      Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon ScriptNetwork Logon Script1
      DLL Side-Loading      		LSA Secrets22
      Virtualization/Sandbox Evasion      		SSHKeylogging3
      Non-Application Layer Protocol      		Scheduled TransferData Encrypted for Impact
      Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC ScriptsRC Scripts1
      Extra Window Memory Injection      		Cached Domain Credentials1
      Process Discovery      		VNCGUI Input Capture4
      Application Layer Protocol      		Data Transfer Size LimitsService Stop
      DNSWeb ServicesExternal Remote ServicesSystemd TimersStartup ItemsStartup Items1
      Masquerading      		DCSyncRemote System DiscoveryWindows Remote ManagementWeb Portal CaptureCommonly Used PortExfiltration Over C2 ChannelInhibit System Recovery
      Network Trust DependenciesServerlessDrive-by CompromiseContainer Orchestration JobScheduled Task/JobScheduled Task/Job22
      Virtualization/Sandbox Evasion      		Proc FilesystemSystem Owner/User DiscoveryCloud ServicesCredential API HookingApplication Layer ProtocolExfiltration Over Alternative ProtocolDefacement
      Network TopologyMalvertisingExploit Public-Facing ApplicationCommand and Scripting InterpreterAtAt11
      Process Injection      		/etc/passwd and /etc/shadowNetwork SniffingDirect Cloud VM ConnectionsData StagedWeb ProtocolsExfiltration Over Symmetric Encrypted Non-C2 ProtocolInternal Defacement

      Behavior Graph

      Hide Legend

      Legend:

      • Process
      • Signature
      • Created File
      • DNS/IP Info
      • Is Dropped
      • Is Windows Process
      • Number of created Registry Values
      • Number of created Files
      • Visual Basic
      • Delphi
      • Java
      • .Net C# or VB.NET
      • C, C++ or other language
      • Is malicious
      • Internet
      behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1560868 Sample: file.exe Startdate: 22/11/2024 Architecture: WINDOWS Score: 100 78 api.telegram.org 2->78 80 api.myip.com 2->80 110 Found malware configuration 2->110 112 Yara detected Telegram RAT 2->112 114 AI detected suspicious sample 2->114 9 file.exe 106 2->9         started        13 msedge.exe 2->13         started        15 msedge.exe 2->15         started        18 5 other processes 2->18 signatures3 116 Uses the Telegram API (likely for C&C communication) 78->116 process4 dnsIp5 70 C:\Users\user\AppData\...\win32crypt.pyd, PE32+ 9->70 dropped 72 C:\Users\user\AppData\...\unicodedata.pyd, PE32+ 9->72 dropped 74 C:\Users\user\AppData\Local\...\sqlite3.dll, PE32+ 9->74 dropped 76 67 other files (none is malicious) 9->76 dropped 124 Attempt to bypass Chrome Application-Bound Encryption 9->124 126 Found pyInstaller with non standard icon 9->126 20 file.exe 10 9->20         started        128 Excessive usage of taskkill to terminate processes 13->128 25 msedge.exe 13->25         started        102 192.168.2.5, 443, 49703, 49705 unknown unknown 15->102 27 msedge.exe 15->27         started        29 msedge.exe 15->29         started        31 msedge.exe 15->31         started        33 msedge.exe 18->33         started        35 msedge.exe 18->35         started        37 msedge.exe 18->37         started        file6 signatures7 process8 dnsIp9 82 api.telegram.org 149.154.167.220, 443, 49900, 49910 TELEGRAMRU United Kingdom 20->82 90 2 other IPs or domains 20->90 66 C:\Users\user\AppData\Local\...\webdata.db, SQLite 20->66 dropped 68 C:\Users\user\AppData\Local\...\passwords.db, SQLite 20->68 dropped 118 Tries to detect sandboxes and other dynamic analysis tools (process name or module or function) 20->118 120 Tries to harvest and steal browser information (history, passwords, etc) 20->120 122 Excessive usage of taskkill to terminate processes 20->122 39 cmd.exe 1 20->39         started        41 chrome.exe 20->41         started        43 chrome.exe 20->43         started        46 16 other processes 20->46 92 6 other IPs or domains 25->92 84 13.107.246.38, 443, 49961, 49963 MICROSOFT-CORP-MSN-AS-BLOCKUS United States 27->84 86 13.91.96.185, 443, 49952, 49962 MICROSOFT-CORP-MSN-AS-BLOCKUS United States 27->86 94 18 other IPs or domains 27->94 88 ntp.msn.com 33->88 file10 signatures11 process12 dnsIp13 48 dxdiag.exe 95 12 39->48         started        51 conhost.exe 39->51         started        53 chrome.exe 41->53         started        100 239.255.255.250 unknown Reserved 43->100 56 chrome.exe 43->56         started        58 conhost.exe 46->58         started        60 conhost.exe 46->60         started        62 chrome.exe 46->62         started        64 12 other processes 46->64 process14 dnsIp15 104 Query firmware table information (likely to detect VMs) 48->104 106 Queries sensitive disk information (via WMI, Win32_DiskDrive, often done to detect virtual machines) 48->106 108 Queries sensitive service information (via WMI, Win32_LogicalDisk, often done to detect sandboxes) 48->108 96 www.google.com 142.250.181.100, 443, 49762, 49766 GOOGLEUS United States 53->96 98 clients2.googleusercontent.com 53->98 signatures16

      Screenshots

      Thumbnails

      This section contains all screenshots as thumbnails, including those not shown in the slideshow.


      windows-stand

      Antivirus, Machine Learning and Genetic Malware Detection

      Initial Sample

      No Antivirus matches

      Dropped Files

      SourceDetectionScannerLabelLink
      C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_ARC4.pyd0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_Salsa20.pyd0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_chacha20.pyd0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_pkcs1_decode.pyd0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_raw_aes.pyd0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_raw_aesni.pyd0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_raw_arc2.pyd0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_raw_blowfish.pyd0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_raw_cast.pyd0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_raw_cbc.pyd0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_raw_cfb.pyd0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_raw_ctr.pyd0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_raw_des.pyd0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_raw_des3.pyd0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_raw_ecb.pyd0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_raw_eksblowfish.pyd0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_raw_ocb.pyd0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_raw_ofb.pyd0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Hash\_BLAKE2b.pyd0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Hash\_BLAKE2s.pyd0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Hash\_MD2.pyd0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Hash\_MD4.pyd0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Hash\_MD5.pyd0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Hash\_RIPEMD160.pyd0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Hash\_SHA1.pyd0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Hash\_SHA224.pyd0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Hash\_SHA256.pyd0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Hash\_SHA384.pyd0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Hash\_SHA512.pyd0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Hash\_ghash_clmul.pyd0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Hash\_ghash_portable.pyd0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Hash\_keccak.pyd0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Hash\_poly1305.pyd0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Math\_modexp.pyd0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Protocol\_scrypt.pyd0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\PublicKey\_curve25519.pyd0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\PublicKey\_curve448.pyd0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\PublicKey\_ec_ws.pyd0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\PublicKey\_ed25519.pyd0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\PublicKey\_ed448.pyd0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Util\_cpuid_c.pyd0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Util\_strxor.pyd0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\_MEI68482\VCRUNTIME140.dll0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\_MEI68482\VCRUNTIME140_1.dll0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\_MEI68482\_asyncio.pyd0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\_MEI68482\_bz2.pyd0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\_MEI68482\_cffi_backend.cp313-win_amd64.pyd0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\_MEI68482\_ctypes.pyd0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\_MEI68482\_decimal.pyd0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\_MEI68482\_hashlib.pyd0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\_MEI68482\_lzma.pyd0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\_MEI68482\_multiprocessing.pyd0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\_MEI68482\_overlapped.pyd0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\_MEI68482\_queue.pyd0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\_MEI68482\_socket.pyd0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\_MEI68482\_sqlite3.pyd0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\_MEI68482\_ssl.pyd0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\_MEI68482\_wmi.pyd0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\_MEI68482\charset_normalizer\md.cp313-win_amd64.pyd0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\_MEI68482\charset_normalizer\md__mypyc.cp313-win_amd64.pyd0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\_MEI68482\libcrypto-3.dll0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\_MEI68482\libffi-8.dll0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\_MEI68482\libssl-3.dll0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\_MEI68482\pyexpat.pyd0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\_MEI68482\python313.dll0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\_MEI68482\pywin32_system32\pywintypes313.dll0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\_MEI68482\select.pyd0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\_MEI68482\sqlite3.dll0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\_MEI68482\unicodedata.pyd0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\_MEI68482\win32\win32crypt.pyd0%ReversingLabs

      Unpacked PE Files

      No Antivirus matches

      Domains

      No Antivirus matches

      URLs

      SourceDetectionScannerLabelLink
      http://repository.swisssign.com/n0%Avira URL Cloudsafe
      http://repository.swisssign.com/H0%Avira URL Cloudsafe
      http://cacerts.digD0%Avira URL Cloudsafe

      Domains and IPs

      Contacted Domains

      NameIPActiveMaliciousAntivirus DetectionReputation
      chrome.cloudflare-dns.com
      		172.64.41.3
      		truefalse
        		high
        api.myip.com
        		104.26.9.59
        		truefalse
          		high
          ssl.bingadsedgeextension-prod-europe.azurewebsites.net
          		94.245.104.56
          		truefalse
            		high
            www.google.com
            		142.250.181.100
            		truefalse
              		high
              api.telegram.org
              		149.154.167.220
              		truefalse
                		high
                googlehosted.l.googleusercontent.com
                		172.217.19.225
                		truefalse
                  		high
                  clients2.googleusercontent.com
                  		unknown
                  		unknownfalse
                    		high
                    bzib.nelreports.net
                    		unknown
                    		unknownfalse
                      		high
                      ntp.msn.com
                      		unknown
                      		unknownfalse
                        		high

                        Contacted URLs

                        NameMaliciousAntivirus DetectionReputation
                        https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1732277671704&w=0&anoncknm=app_anon&NoResponseBody=truefalse
                          		high
                          https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1732277663442&time-delta-to-apply-millis=use-collector-delta&w=0&anoncknm=app_anon&NoResponseBody=truefalse
                            		high
                            https://assets.msn.com/bundles/v1/edgeChromium/latest/vendors.7e27cca6027b8d6697cb.jsfalse
                              		high
                              https://assets.msn.com/statics/icons/favicon_newtabpage.pngfalse
                                		high
                                https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1732277672632&w=0&anoncknm=app_anon&NoResponseBody=truefalse
                                  		high

                                  URLs from Memory and Binaries

                                  NameSourceMaliciousAntivirus DetectionReputation
                                  https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-108r1.pdffile.exe, 00000002.00000003.2968445568.0000028079784000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2954505705.000002807975E000.00000004.00000020.00020000.00000000.sdmpfalse
                                    		high
                                    https://api.telegram.org/botfile.exe, 00000002.00000002.3005777212.00000280794C0000.00000004.00001000.00020000.00000000.sdmpfalse
                                      		high
                                      https://github.com/astral-sh/rufffile.exe, 00000000.00000003.2061046846.000001B657026000.00000004.00000020.00020000.00000000.sdmpfalse
                                        		high
                                        https://setuptools.pypa.io/en/latest/references/keywords.html#keyword-namespace-packagesfile.exe, 00000002.00000002.3001511803.0000028078950000.00000004.00001000.00020000.00000000.sdmpfalse
                                          		high
                                          http://repository.swisssign.com/Hfile.exe, 00000002.00000003.2920262906.0000028078BEC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2977476568.0000028078D82000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2624856475.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2927525523.0000028078D49000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2968975475.0000028078D81000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2918098604.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2955340274.0000028078D77000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2920441166.0000028078D09000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2938319467.0000028078D4C000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2965839511.0000028078D81000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2954333259.0000028078D70000.00000004.00000020.00020000.00000000.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          https://github.com/mhammond/pywin32file.exe, file.exe, 00000002.00000002.3022430067.00007FF8B27CF000.00000002.00000001.01000000.0000002B.sdmp, file.exe, 00000002.00000002.3022078909.00007FF8B0562000.00000002.00000001.01000000.0000002C.sdmpfalse
                                            		high
                                            https://github.com/python/importlib_metadata/actions/workflows/main.yml/badge.svgfile.exe, 00000000.00000003.2061046846.000001B657026000.00000004.00000020.00020000.00000000.sdmpfalse
                                              		high
                                              https://api.telegram.org/bot7027613045:AAGX3rPO-1UHB195if6JIXakjYPoomnXXuU/sendDocument?chat_id=8095file.exe, 00000002.00000002.3009697250.000002807A26C000.00000004.00001000.00020000.00000000.sdmpfalse
                                                		high
                                                https://github.com/python/importlib_metadatafile.exe, 00000000.00000003.2061046846.000001B657026000.00000004.00000020.00020000.00000000.sdmpfalse
                                                  		high
                                                  https://img.shields.io/endpoint?url=https://raw.githubusercontent.com/charliermarsh/ruff/main/assetsfile.exe, 00000000.00000003.2061046846.000001B657026000.00000004.00000020.00020000.00000000.sdmpfalse
                                                    		high
                                                    https://github.com/python/importlib_metadata/issuesfile.exe, 00000000.00000003.2061046846.000001B657026000.00000004.00000020.00020000.00000000.sdmpfalse
                                                      		high
                                                      https://setuptools.pypa.io/en/latest/file.exe, 00000002.00000002.3005624267.00000280793C0000.00000004.00001000.00020000.00000000.sdmpfalse
                                                        		high
                                                        https://github.com/tensorflow/datasets/blob/master/tensorflow_datasets/core/utils/resource_utils.py#file.exe, 00000002.00000003.2925196583.0000028076898000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.2998285301.0000028078430000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2976813530.000002807689E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2927768539.0000028078421000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.2997295809.00000280768A2000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2984735484.00000280768A2000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2942254304.000002807842F000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2992798624.0000028078430000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2978938805.00000280768A2000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2952044076.000002807689A000.00000004.00000020.00020000.00000000.sdmpfalse
                                                          		high
                                                          https://packaging.python.org/en/latest/specifications/recording-installed-packages/#the-record-filefile.exe, 00000002.00000003.2920262906.0000028078BEC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2624856475.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2918098604.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.3003429767.0000028078C40000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2922806906.0000028078C29000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2924643855.0000028078C3E000.00000004.00000020.00020000.00000000.sdmpfalse
                                                            		high
                                                            https://importlib-metadata.readthedocs.io/file.exe, 00000000.00000003.2061046846.000001B657026000.00000004.00000020.00020000.00000000.sdmpfalse
                                                              		high
                                                              https://tools.ietf.org/html/rfc2388#section-4.4file.exe, 00000002.00000003.2920262906.0000028078BEC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2624856475.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2940496811.0000028078C52000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2945390495.0000028078CA2000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2918098604.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2943379909.0000028078C82000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2922806906.0000028078C29000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2956861154.0000028078CB0000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2924643855.0000028078C3E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2940612084.0000028078C65000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                		high
                                                                https://packaging.python.org/en/latest/specifications/core-metadata/file.exe, 00000002.00000002.3005624267.00000280793C0000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                  		high
                                                                  https://docs.python.org/3.11/library/binascii.html#binascii.a2b_base64file.exe, 00000002.00000003.2941674210.0000028078484000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2953980340.0000028078484000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2975821575.000002807848C000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2927410534.0000028078450000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2970630634.0000028078486000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2957491357.0000028078484000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2921237608.000002807844F000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2967677257.0000028078484000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                    		high
                                                                    https://github.com/pypa/packagingfile.exe, 00000002.00000002.3004988663.0000028078F50000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                      		high
                                                                      https://packaging.python.org/en/latest/specifications/entry-points/#file-formatfile.exe, 00000002.00000003.2920262906.0000028078BEC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2624856475.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2918098604.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.3003429767.0000028078C40000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2922806906.0000028078C29000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2924643855.0000028078C3E000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                        		high
                                                                        https://readthedocs.org/projects/importlib-metadata/badge/?version=latestfile.exe, 00000000.00000003.2061046846.000001B657026000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                          		high
                                                                          https://refspecs.linuxfoundation.org/elf/gabi4file.exe, 00000002.00000002.3004988663.0000028078F50000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                            		high
                                                                            https://setuptools.pypa.io/en/latest/references/keywords.html#keyword-namespace-packages0file.exe, 00000002.00000002.3001511803.0000028078950000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                              		high
                                                                              https://github.com/urllib3/urllib3/issues/2192#issuecomment-821832963file.exe, 00000002.00000002.3005777212.00000280794C0000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                		high
                                                                                http://cacerts.digifile.exe, 00000000.00000003.2068182140.000001B657028000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2051186811.000001B657026000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                  		high
                                                                                  https://blog.jaraco.com/skeletonfile.exe, 00000000.00000003.2061046846.000001B657026000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                    		high
                                                                                    https://tools.ietf.org/html/rfc3610file.exe, 00000002.00000003.2969140891.0000028079771000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2954505705.000002807975E000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                      		high
                                                                                      https://github.com/platformdirs/platformdirsfile.exe, 00000002.00000002.3005258751.0000028079190000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                        		high
                                                                                        https://peps.python.org/pep-0205/file.exe, 00000002.00000003.2079391823.000002807879E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2083248341.000002807879E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.3001363061.0000028078850000.00000004.00001000.00020000.00000000.sdmp, file.exe, 00000002.00000003.2078432233.000002807879E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2072237303.00000280768AB000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                          		high
                                                                                          http://crl.dhimyotis.com/certignarootca.crlfile.exe, 00000002.00000003.2943572478.00000280796CB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2924189361.0000028078E06000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2948036554.0000028078E1D000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2943784858.0000028078E10000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.3004665186.0000028078E1E000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                            		high
                                                                                            http://curl.haxx.se/rfc/cookie_spec.htmlfile.exe, 00000002.00000002.3008204696.0000028079DE0000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                              		high
                                                                                              http://ocsp.accv.esfile.exe, 00000002.00000003.2924189361.0000028078E06000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2948036554.0000028078E1D000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2943784858.0000028078E10000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                		high
                                                                                                https://setuptools.pypa.io/en/latest/references/keywords.html#keyword-namespace-packagesr;file.exe, 00000002.00000003.2084744511.0000028078AA7000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2083943598.0000028078A90000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2079274441.0000028078A90000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2079274441.0000028078A51000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                  		high
                                                                                                  https://docs.python.org/3/library/importlib.html#importlib.abc.ExecutionLoader.get_filenamefile.exe, 00000002.00000002.2997772039.00000280780D0000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                    		high
                                                                                                    https://urllib3.readthedocs.io/en/latest/advanced-usage.html#https-proxy-error-http-proxyfile.exe, 00000002.00000002.3005777212.00000280794C0000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                      		high
                                                                                                      https://github.com/python/cpython/blob/3.9/Lib/importlib/_bootstrap_external.py#L679-L688file.exe, 00000002.00000002.2997772039.0000028078154000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                        		high
                                                                                                        https://httpbin.org/getfile.exe, 00000002.00000002.3008204696.0000028079DE0000.00000004.00001000.00020000.00000000.sdmp, file.exe, 00000002.00000003.2946357956.0000028078D8B000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2922806906.0000028078C29000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2966083261.0000028078CA8000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2937410297.0000028078D8A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2919978058.0000028078D89000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2924643855.0000028078C3E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2940612084.0000028078C65000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                          		high
                                                                                                          https://packaging.python.org/en/latest/specifications/entry-points/file.exe, 00000002.00000002.3005414653.00000280792C0000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                            		high
                                                                                                            http://cacerts.digfile.exe, 00000000.00000003.2051023726.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2049466267.000001B657026000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                              		high
                                                                                                              https://setuptools.pypa.io/en/latest/pkg_resources.html#basic-resource-accessfile.exe, 00000002.00000003.2921089822.00000280784CB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2928732213.00000280784CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2937600595.00000280784E4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2079274441.0000028078A90000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2922493102.00000280784CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2079357369.000002807880A000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                		high
                                                                                                                https://pypi.org/project/build/).file.exe, 00000002.00000002.3005414653.00000280792C0000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                  		high
                                                                                                                  https://docs.python.org/3/library/importlib.html#importlib.abc.InspectLoader.get_codefile.exe, 00000002.00000002.2997772039.00000280780D0000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                    		high
                                                                                                                    https://wwww.certigna.fr/autorites/0mfile.exe, 00000002.00000003.2924189361.0000028078E06000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2948036554.0000028078E1D000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2943784858.0000028078E10000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.3004665186.0000028078E1E000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                      		high
                                                                                                                      https://github.com/python/cpython/blob/839d7893943782ee803536a47f1d4de160314f85/Lib/importlib/readerfile.exe, 00000002.00000003.2925196583.0000028076898000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.2998285301.0000028078430000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2976813530.000002807689E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2927768539.0000028078421000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.2997295809.00000280768A2000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2984735484.00000280768A2000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2942254304.000002807842F000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2992798624.0000028078430000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2978938805.00000280768A2000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2952044076.000002807689A000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                        		high
                                                                                                                        http://foo/bar.tgzfile.exe, 00000002.00000002.3004988663.0000028078F50000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                          		high
                                                                                                                          https://github.com/python/cpython/issues/86361.file.exe, 00000002.00000003.2089034797.000002807872A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2952691835.00000280787C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2921409846.000002807873B000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2919339974.000002807873B000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2938251826.00000280787A8000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2085576892.0000028078B20000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2922715807.000002807879F000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2935447121.00000280787A6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2086428430.0000028078734000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2088220764.000002807872A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2085917419.000002807872A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2626419415.000002807873B000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2087521297.000002807872A000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                            		high
                                                                                                                            https://httpbin.org/file.exe, 00000002.00000003.2952775591.0000028078DF4000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                              		high
                                                                                                                              http://repository.swisssign.com/nfile.exe, 00000002.00000003.2920262906.0000028078BEC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2624856475.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2940496811.0000028078C52000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2918098604.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2943379909.0000028078C82000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2922806906.0000028078C29000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2924643855.0000028078C3E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2940612084.0000028078C65000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                              • Avira URL Cloud: safe
                                                                                                                              		unknown
                                                                                                                              https://wwww.certigna.fr/autorites/file.exe, 00000002.00000003.2953701804.0000028078E49000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                		high
                                                                                                                                https://www-cs-faculty.stanford.edu/~knuth/fasc2a.ps.gzfile.exe, 00000002.00000003.2919339974.000002807873B000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2624856475.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2088922541.0000028078BA9000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2921332555.00000280787DC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2089034797.00000280787D7000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2982663617.00000280787DD000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2089297635.0000028078B70000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2088989051.0000028078BEC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2626419415.000002807873B000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                  		high
                                                                                                                                  https://docs.python.org/3/library/importlib.html#importlib.abc.Loader.exec_modulefile.exe, 00000002.00000002.2997772039.00000280780D0000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                                    		high
                                                                                                                                    https://docs.python.org/3/library/importlib.html#importlib.abc.MetaPathFinder.invalidate_cachesfile.exe, 00000002.00000002.2997772039.00000280780D0000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                                      		high
                                                                                                                                      http://cacerts.digDfile.exe, 00000000.00000003.2051023726.000001B657026000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2049466267.000001B657026000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                      • Avira URL Cloud: safe
                                                                                                                                      		unknown
                                                                                                                                      https://docs.python.org/3/reference/import.html#finders-and-loadersfile.exe, 00000000.00000003.2061046846.000001B657026000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                        		high
                                                                                                                                        https://github.com/pypa/setuptools/issues/new?template=distutils-deprecation.yml0file.exe, 00000002.00000002.3005258751.0000028079190000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                                          		high
                                                                                                                                          https://img.shields.io/badge/skeleton-2024-informationalfile.exe, 00000000.00000003.2061046846.000001B657026000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                            		high
                                                                                                                                            https://packaging.python.org/en/latest/guides/packaging-namespace-packages/.file.exe, 00000002.00000002.3005624267.00000280793C0000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                                              		high
                                                                                                                                              https://packaging.python.org/en/latest/specifications/pyproject-toml/#declaring-project-metadata-thefile.exe, 00000002.00000003.2920262906.0000028078BEC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2967502051.0000028078C54000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2624856475.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2940496811.0000028078C52000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2918098604.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2922806906.0000028078C29000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.3003616548.0000028078C54000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2924643855.0000028078C3E000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                		high
                                                                                                                                                http://hg.python.org/cpython/file/603b4d593758/Lib/socket.py#l535file.exe, 00000002.00000003.2920262906.0000028078BEC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2925477405.0000028078B5E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2624856475.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2942418424.0000028078BB1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2927525523.0000028078D49000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2940389920.0000028078B77000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2918098604.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2967054109.0000028078D47000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2920441166.0000028078D09000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2955692629.0000028078D33000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2945133580.0000028078BC7000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                  		high
                                                                                                                                                  https://github.com/Unidata/MetPy/blob/a3424de66a44bf3a92b0dcacf4dff82ad7b86712/src/metpy/plots/wx_syfile.exe, 00000002.00000003.2925196583.0000028076898000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.2998285301.0000028078430000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2976813530.000002807689E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2927768539.0000028078421000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.2997295809.00000280768A2000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2984735484.00000280768A2000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2942254304.000002807842F000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2992798624.0000028078430000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2978938805.00000280768A2000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2952044076.000002807689A000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                    		high
                                                                                                                                                    http://csrc.nist.gov/publications/nistpubfile.exe, 00000002.00000003.2967864414.0000028079754000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2969140891.000002807975A000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                      		high
                                                                                                                                                      http://tools.ietf.org/html/draft-hixie-thewebsocketprotocol-76file.exe, 00000002.00000003.2920262906.0000028078BEC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2624856475.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2943116825.00000280797CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.3007157912.00000280797CF000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2940496811.0000028078C52000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2945390495.0000028078CA2000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2968601368.00000280797CE000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2918098604.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2943379909.0000028078C82000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2922806906.0000028078C29000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2966083261.0000028078CA8000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2991742208.00000280797CF000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2924643855.0000028078C3E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2940612084.0000028078C65000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                        		high
                                                                                                                                                        https://docs.python.org/3/library/multiprocessing.htmlfile.exe, 00000002.00000003.2624856475.0000028078A81000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2920071366.0000028078AA7000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.3001856262.0000028078AAB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2919065357.0000028078A7D000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2945240770.0000028078AA9000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2949420145.0000028078AAB000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2982495501.0000028078AAB000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                          		high
                                                                                                                                                          https://github.com/pypa/setuptools/issues/417#issuecomment-392298401file.exe, 00000002.00000002.3005414653.00000280792C0000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                                                            		high
                                                                                                                                                            https://packaging.python.org/en/latest/specifications/core-metadata/#core-metadatafile.exe, 00000002.00000002.3005414653.00000280792C0000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                                                              		high
                                                                                                                                                              http://crl.securetrust.com/STCA.crlfile.exe, 00000002.00000003.2920262906.0000028078BEC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2624856475.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2994065811.0000028078C78000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2940496811.0000028078C52000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2918098604.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2987056856.0000028078C67000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2922806906.0000028078C29000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2924643855.0000028078C3E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2993507959.0000028078C72000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2940612084.0000028078C65000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                		high
                                                                                                                                                                http://wwwsearch.sf.net/):file.exe, 00000002.00000003.2994471117.0000028078DA2000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2624856475.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2923129150.0000028078D98000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2918098604.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2984276983.0000028078DA2000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2919978058.0000028078D89000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2924490998.0000028078DA0000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                  		high
                                                                                                                                                                  https://github.com/python/importlib_metadata/wiki/Development-Methodologyfile.exe, 00000002.00000002.3004852665.0000028078E50000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                                                                    		high
                                                                                                                                                                    http://www.accv.es/fileadmin/Archivos/certificados/raizaccv1.crt0file.exe, 00000002.00000003.2924189361.0000028078E06000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2948036554.0000028078E1D000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2943784858.0000028078E10000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2994335456.0000028078E23000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                      		high
                                                                                                                                                                      http://www.accv.es/legislacion_c.htmfile.exe, 00000002.00000003.2920262906.0000028078BEC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2624856475.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2940496811.0000028078C52000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2945390495.0000028078CA2000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2918098604.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2943379909.0000028078C82000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2922806906.0000028078C29000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2924643855.0000028078C3E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2940612084.0000028078C65000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                        		high
                                                                                                                                                                        http://tools.ietf.org/html/rfc6125#section-6.4.3file.exe, 00000002.00000002.3005777212.00000280794C0000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                                                                          		high
                                                                                                                                                                          http://crl.xrampsecurity.com/XGCA.crl0file.exe, 00000002.00000003.2950504663.0000028078C05000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2920262906.0000028078BEC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2940150161.0000028078C03000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2955857645.0000028078C0B000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2624856475.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2986479235.0000028078C14000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2924572956.0000028078BFC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2939232054.0000028078BFD000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2918098604.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2955257125.0000028078C05000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                            		high
                                                                                                                                                                            https://bugs.python.org/issue44497.file.exe, 00000002.00000002.3005414653.00000280792C0000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                                                                              		high
                                                                                                                                                                              http://tools.ietf.org/html/rfc5234file.exe, 00000002.00000002.3008929502.000002807A1CC000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                                                                                		high
                                                                                                                                                                                http://www.cert.fnmt.es/dpcs/file.exe, 00000002.00000003.2624856475.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2924189361.0000028078E06000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2955945589.0000028078D94000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2918098604.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2943784858.0000028078E10000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2946025848.0000028078E3A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2937410297.0000028078D8A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2919978058.0000028078D89000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                  		high
                                                                                                                                                                                  https://setuptools.pypa.io/en/latest/pkg_resources.htmlfile.exe, 00000002.00000003.2079274441.0000028078A90000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                    		high
                                                                                                                                                                                    https://google.com/mailfile.exe, 00000002.00000003.2950504663.0000028078C05000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2920262906.0000028078BEC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2940150161.0000028078C03000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2955857645.0000028078C0B000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2624856475.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.3004135062.0000028078D0A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2924572956.0000028078BFC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2939232054.0000028078BFD000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2918098604.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2920441166.0000028078D09000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2971135050.0000028078D0A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2955257125.0000028078C05000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                      		high
                                                                                                                                                                                      https://img.shields.io/pypi/v/importlib_metadata.svgfile.exe, 00000000.00000003.2061046846.000001B657026000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                        		high
                                                                                                                                                                                        https://packaging.python.org/specifications/entry-points/file.exe, 00000002.00000002.3005414653.00000280792C0000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                                                                                          		high
                                                                                                                                                                                          https://github.com/jaraco/jaraco.functools/issues/5file.exe, 00000002.00000002.3005125638.0000028079070000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                                                                                            		high
                                                                                                                                                                                            http://www.accv.es00file.exe, 00000002.00000003.2920262906.0000028078BEC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2624856475.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2924189361.0000028078E06000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2948036554.0000028078E1D000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2940496811.0000028078C52000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2945390495.0000028078CA2000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2918098604.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2943784858.0000028078E10000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2943379909.0000028078C82000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2994335456.0000028078E23000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2922806906.0000028078C29000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2924643855.0000028078C3E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2940612084.0000028078C65000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                              		high
                                                                                                                                                                                              https://www.python.org/psf/license/)file.exe, 00000002.00000002.3015838667.00007FF8A89B8000.00000002.00000001.01000000.00000004.sdmpfalse
                                                                                                                                                                                                		high
                                                                                                                                                                                                https://github.com/python/cpython/blob/839d7893943782ee803536a47f1d4de160314f85/Lib/importlib/abc.pyfile.exe, 00000002.00000003.2952044076.000002807689A000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                  		high
                                                                                                                                                                                                  http://www.rfc-editor.org/info/rfc7253file.exe, 00000002.00000003.2967311944.000002807978C000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2968445568.0000028079784000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2954505705.000002807975E000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                    		high
                                                                                                                                                                                                    http://csrc.nist.gov/publications/nistpubs/800-38C/SP800-38C.pdffile.exe, 00000002.00000003.2969140891.0000028079771000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2954505705.000002807975E000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      		high
                                                                                                                                                                                                      https://foss.heptapod.net/pypy/pypy/-/issues/3539file.exe, 00000002.00000002.3005777212.00000280794C0000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                                                                                                        		high
                                                                                                                                                                                                        https://github.com/urllib3/urllib3/issues/2513#issuecomment-1152559900.file.exe, 00000002.00000003.2920262906.0000028078BEC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2967502051.0000028078C54000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2624856475.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2940496811.0000028078C52000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2918098604.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2922806906.0000028078C29000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.3003616548.0000028078C54000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2924643855.0000028078C3E000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                          		high
                                                                                                                                                                                                          http://google.com/file.exe, 00000002.00000003.2624856475.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2955945589.0000028078D9B000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2966283089.0000028078D9B000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2923129150.0000028078D98000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2918098604.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2919978058.0000028078D89000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2984276983.0000028078D9B000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                            		high
                                                                                                                                                                                                            https://mahler:8092/site-updates.pyfile.exe, 00000002.00000003.2624856475.0000028078A81000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2920071366.0000028078AA7000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2088922541.0000028078BA9000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2089297635.0000028078AB3000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2919065357.0000028078A7D000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2945240770.0000028078AA9000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                              		high
                                                                                                                                                                                                              http://crl.securetrust.com/SGCA.crlfile.exe, 00000002.00000003.2940612084.0000028078C65000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                		high
                                                                                                                                                                                                                http://.../back.jpegfile.exe, 00000002.00000002.3008204696.0000028079DE0000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                  		high
                                                                                                                                                                                                                  https://tools.ietf.org/html/rfc7231#section-4.3.6)file.exe, 00000002.00000003.2624856475.0000028078A81000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2920071366.0000028078AA7000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2919065357.0000028078A7D000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2945240770.0000028078AA9000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                    		high
                                                                                                                                                                                                                    http://tools.ietf.org/html/rfc5869file.exe, 00000002.00000003.2970432547.000002807973C000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                      		high
                                                                                                                                                                                                                      http://blog.cryptographyengineering.com/2012/05/how-to-choose-authenticated-encryption.htmlfile.exe, 00000002.00000003.2970747028.0000028078DE5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2920262906.0000028078BEC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2957029424.0000028078C4A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000002.3006928419.000002807977F000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2956954575.00000280786A2000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2967502051.0000028078C4D000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2925477405.0000028078B5E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2624856475.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2942418424.0000028078BB1000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2969140891.0000028079771000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2940389920.0000028078B77000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2947582504.0000028078C45000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2918098604.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2935859618.0000028078674000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2942167226.0000028078688000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2954505705.000002807975E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2970865529.0000028078BB7000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2919339974.0000028078657000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2922806906.0000028078C29000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2948930593.0000028078C49000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2924643855.0000028078C3E000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                        		high
                                                                                                                                                                                                                        https://httpbin.org/postfile.exe, 00000002.00000003.2950504663.0000028078C05000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2920262906.0000028078BEC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2940150161.0000028078C03000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2955857645.0000028078C0B000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2624856475.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2986479235.0000028078C14000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2924572956.0000028078BFC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2939232054.0000028078BFD000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2918098604.0000028078B13000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000002.00000003.2955257125.0000028078C05000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                          		high

                                                                                                                                                                                                                          World Map of Contacted IPs

                                                                                                                                                                                                                          • No. of IPs < 25%
                                                                                                                                                                                                                          • 25% < No. of IPs < 50%
                                                                                                                                                                                                                          • 50% < No. of IPs < 75%
                                                                                                                                                                                                                          • 75% < No. of IPs

                                                                                                                                                                                                                          Public IPs

                                                                                                                                                                                                                          IPDomainCountryFlagASNASN NameMalicious
                                                                                                                                                                                                                          142.251.35.161
                                                                                                                                                                                                                          		unknownUnited States
                                                                                                                                                                                                                          		15169GOOGLEUSfalse
                                                                                                                                                                                                                          104.26.9.59
                                                                                                                                                                                                                          		api.myip.comUnited States
                                                                                                                                                                                                                          		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                                          23.57.90.154
                                                                                                                                                                                                                          		unknownUnited States
                                                                                                                                                                                                                          		35994AKAMAI-ASUSfalse
                                                                                                                                                                                                                          152.195.19.97
                                                                                                                                                                                                                          		unknownUnited States
                                                                                                                                                                                                                          		15133EDGECASTUSfalse
                                                                                                                                                                                                                          172.217.19.225
                                                                                                                                                                                                                          		googlehosted.l.googleusercontent.comUnited States
                                                                                                                                                                                                                          		15169GOOGLEUSfalse
                                                                                                                                                                                                                          18.238.49.52
                                                                                                                                                                                                                          		unknownUnited States
                                                                                                                                                                                                                          		16509AMAZON-02USfalse
                                                                                                                                                                                                                          162.159.61.3
                                                                                                                                                                                                                          		unknownUnited States
                                                                                                                                                                                                                          		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                                          149.154.167.220
                                                                                                                                                                                                                          		api.telegram.orgUnited Kingdom
                                                                                                                                                                                                                          		62041TELEGRAMRUfalse
                                                                                                                                                                                                                          20.42.73.26
                                                                                                                                                                                                                          		unknownUnited States
                                                                                                                                                                                                                          		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                                                                                                                          23.209.72.33
                                                                                                                                                                                                                          		unknownUnited States
                                                                                                                                                                                                                          		20940AKAMAI-ASN1EUfalse
                                                                                                                                                                                                                          20.110.205.119
                                                                                                                                                                                                                          		unknownUnited States
                                                                                                                                                                                                                          		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                                                                                                                          13.107.246.38
                                                                                                                                                                                                                          		unknownUnited States
                                                                                                                                                                                                                          		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                                                                                                                          204.79.197.219
                                                                                                                                                                                                                          		unknownUnited States
                                                                                                                                                                                                                          		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                                                                                                                          172.64.41.3
                                                                                                                                                                                                                          		chrome.cloudflare-dns.comUnited States
                                                                                                                                                                                                                          		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                                          204.79.197.237
                                                                                                                                                                                                                          		unknownUnited States
                                                                                                                                                                                                                          		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                                                                                                                          23.57.90.148
                                                                                                                                                                                                                          		unknownUnited States
                                                                                                                                                                                                                          		35994AKAMAI-ASUSfalse
                                                                                                                                                                                                                          23.57.90.144
                                                                                                                                                                                                                          		unknownUnited States
                                                                                                                                                                                                                          		35994AKAMAI-ASUSfalse
                                                                                                                                                                                                                          94.245.104.56
                                                                                                                                                                                                                          		ssl.bingadsedgeextension-prod-europe.azurewebsites.netUnited Kingdom
                                                                                                                                                                                                                          		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                                                                                                                          13.91.96.185
                                                                                                                                                                                                                          		unknownUnited States
                                                                                                                                                                                                                          		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                                                                                                                          142.250.181.100
                                                                                                                                                                                                                          		www.google.comUnited States
                                                                                                                                                                                                                          		15169GOOGLEUSfalse
                                                                                                                                                                                                                          239.255.255.250
                                                                                                                                                                                                                          		unknownReserved
                                                                                                                                                                                                                          		unknownunknownfalse
                                                                                                                                                                                                                          104.117.182.59
                                                                                                                                                                                                                          		unknownUnited States
                                                                                                                                                                                                                          		20940AKAMAI-ASN1EUfalse
                                                                                                                                                                                                                          20.96.153.111
                                                                                                                                                                                                                          		unknownUnited States
                                                                                                                                                                                                                          		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse

                                                                                                                                                                                                                          Private

                                                                                                                                                                                                                          IP
                                                                                                                                                                                                                          192.168.2.5
                                                                                                                                                                                                                          127.0.0.1

                                                                                                                                                                                                                          General Information

                                                                                                                                                                                                                          Joe Sandbox version:41.0.0 Charoite
                                                                                                                                                                                                                          Analysis ID:1560868
                                                                                                                                                                                                                          Start date and time:2024-11-22 13:12:08 +01:00
                                                                                                                                                                                                                          Joe Sandbox product:CloudBasic
                                                                                                                                                                                                                          Overall analysis duration:0h 12m 39s
                                                                                                                                                                                                                          Hypervisor based Inspection enabled:false
                                                                                                                                                                                                                          Report type:full
                                                                                                                                                                                                                          Cookbook file name:default.jbs
                                                                                                                                                                                                                          Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                                                                                                                                                                                          Number of analysed new started processes analysed:60
                                                                                                                                                                                                                          Number of new started drivers analysed:2
                                                                                                                                                                                                                          Number of existing processes analysed:0
                                                                                                                                                                                                                          Number of existing drivers analysed:0
                                                                                                                                                                                                                          Number of injected processes analysed:0
                                                                                                                                                                                                                          Technologies:
                                                                                                                                                                                                                          • HCA enabled
                                                                                                                                                                                                                          • EGA enabled
                                                                                                                                                                                                                          • AMSI enabled
                                                                                                                                                                                                                          Analysis Mode:default
                                                                                                                                                                                                                          Analysis stop reason:Timeout
                                                                                                                                                                                                                          Sample name:file.exe
                                                                                                                                                                                                                          Detection:MAL
                                                                                                                                                                                                                          Classification:mal100.troj.spyw.evad.winEXE@179/393@26/25
                                                                                                                                                                                                                          EGA Information:
                                                                                                                                                                                                                          • Successful, ratio: 100%
                                                                                                                                                                                                                          HCA Information:Failed
                                                                                                                                                                                                                          Cookbook Comments:
                                                                                                                                                                                                                          • Found application associated with file extension: .exe

                                                                                                                                                                                                                          Warnings

                                                                                                                                                                                                                          • Exclude process from analysis (whitelisted): dllhost.exe, RuntimeBroker.exe, WMIADAP.exe, SIHClient.exe, backgroundTaskHost.exe, svchost.exe
                                                                                                                                                                                                                          • Excluded IPs from analysis (whitelisted): 199.232.210.172, 192.229.221.95, 172.217.21.35, 172.217.19.238, 74.125.205.84, 204.79.197.203, 13.107.6.158, 204.79.197.239, 13.107.21.239, 13.107.42.16, 172.165.69.228, 23.32.239.18, 23.32.239.56, 2.16.158.27, 2.16.158.176, 2.16.158.186, 2.16.158.33, 2.16.158.170, 2.16.158.179, 2.16.158.185, 2.16.158.192, 2.16.158.187, 23.193.114.18, 142.251.40.131, 142.251.32.99, 142.250.80.99, 142.251.35.163, 142.250.81.227
                                                                                                                                                                                                                          • Excluded domains from analysis (whitelisted): nav-edge.smartscreen.microsoft.com, config.edge.skype.com.trafficmanager.net, slscr.update.microsoft.com, a416.dscd.akamai.net, clientservices.googleapis.com, prod-agic-us-2.uksouth.cloudapp.azure.com, clients2.google.com, e86303.dscx.akamaiedge.net, ocsp.digicert.com, www.bing.com.edgekey.net, login.live.com, config-edge-skype.l-0007.l-msedge.net, www.gstatic.com, l-0007.l-msedge.net, config.edge.skype.com, www.bing.com, edge-microsoft-com.dual-a-0036.a-msedge.net, fs.microsoft.com, accounts.google.com, bingadsedgeextension-prod.trafficmanager.net, bzib.nelreports.net.akamaized.net, otelrules.azureedge.net, api.edgeoffer.microsoft.com, a-0003.a-msedge.net, ctldl.windowsupdate.com, www-msn-com.a-0003.a-msedge.net, b-0005.b-msedge.net, prod-atm-wds-edge.trafficmanager.net, www-www.bing.com.trafficmanager.net, business-bing-com.b-0005.b-msedge.net, edge.microsoft.com, fe3cr.delivery.mp.microsoft.com, l-0007.config.skype.com, business.bing.com, clients.l.google.com,
                                                                                                                                                                                                                          • HTTPS sessions have been limited to 150. Please view the PCAPs for the complete data.
                                                                                                                                                                                                                          • Not all processes where analyzed, report is missing behavior information
                                                                                                                                                                                                                          • Report size exceeded maximum capacity and may have missing behavior information.
                                                                                                                                                                                                                          • Report size getting too big, too many NtAllocateVirtualMemory calls found.
                                                                                                                                                                                                                          • Report size getting too big, too many NtDeviceIoControlFile calls found.
                                                                                                                                                                                                                          • Report size getting too big, too many NtEnumerateKey calls found.
                                                                                                                                                                                                                          • Report size getting too big, too many NtOpenFile calls found.
                                                                                                                                                                                                                          • Report size getting too big, too many NtOpenKey calls found.
                                                                                                                                                                                                                          • Report size getting too big, too many NtOpenKeyEx calls found.
                                                                                                                                                                                                                          • Report size getting too big, too many NtProtectVirtualMemory calls found.
                                                                                                                                                                                                                          • Report size getting too big, too many NtQueryValueKey calls found.
                                                                                                                                                                                                                          • Report size getting too big, too many NtQueryVolumeInformationFile calls found.
                                                                                                                                                                                                                          • Report size getting too big, too many NtReadVirtualMemory calls found.
                                                                                                                                                                                                                          • Report size getting too big, too many NtSetInformationFile calls found.
                                                                                                                                                                                                                          • Report size getting too big, too many NtWriteFile calls found.
                                                                                                                                                                                                                          • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                                                                                                                                                                                                          • VT rate limit hit for: file.exe

                                                                                                                                                                                                                          Simulations

                                                                                                                                                                                                                          Behavior and APIs

                                                                                                                                                                                                                          No simulations

                                                                                                                                                                                                                          Joe Sandbox View / Context

                                                                                                                                                                                                                          IPs

                                                                                                                                                                                                                          MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                          104.26.9.59file.exeGet hashmaliciousLummaC, Ailurophile Stealer, Amadey, LummaC Stealer, StealcBrowse
                                                                                                                                                                                                                            ZoomInstaller.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                              ZoomInstaller.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                file.exeGet hashmaliciousLummaC, Clipboard Hijacker, Cryptbot, LummaC StealerBrowse
                                                                                                                                                                                                                                  eSLlhErJ0q.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                                                    iBO7gzlZr3.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                                      5zFCjSBLvw.exeGet hashmaliciousLummaC, Go Injector, LummaC StealerBrowse
                                                                                                                                                                                                                                        FySc2FzpA8.exeGet hashmaliciousGo InjectorBrowse
                                                                                                                                                                                                                                          setup.exeGet hashmaliciousLummaC, Mars Stealer, PureLog Stealer, RedLine, Stealc, Stealerium, VidarBrowse
                                                                                                                                                                                                                                            1719859269.0326595_setup.exeGet hashmaliciousLummaC Stealer, Mars Stealer, PureLog Stealer, RedLine, Stealc, Vidar, XmrigBrowse
                                                                                                                                                                                                                                              152.195.19.97http://ustteam.com/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                              • www.ust.com/
                                                                                                                                                                                                                                              18.238.49.52file.exeGet hashmaliciousPureCrypter, LummaC, Amadey, Credential Flusher, Cryptbot, LummaC Stealer, StealcBrowse
                                                                                                                                                                                                                                                file.exeGet hashmaliciousAmadey, Cryptbot, Stealc, VidarBrowse
                                                                                                                                                                                                                                                  LZ_109186961250811H#U00ae.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                    http://earnandexcel.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                      https://dfv.pages.dev/IP:Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                        https://aolserv.pages.dev/robots.txtIP:Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                          https://qrco.de/beoXnpGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                            https://o365aqzkadahajmsditmwjlo-987555.webflow.io/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                              https://gbhs.pages.dev/robots.txtGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                Doc Copy - Lingo Construction Services Inc. - RNP58382637F255-1.msgGet hashmaliciousHTMLPhisherBrowse

                                                                                                                                                                                                                                                                  Domains

                                                                                                                                                                                                                                                                  MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                  api.myip.comfile.exeGet hashmaliciousAmadey, XWormBrowse
                                                                                                                                                                                                                                                                  • 172.67.75.163
                                                                                                                                                                                                                                                                  file.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 104.26.8.59
                                                                                                                                                                                                                                                                  file.exeGet hashmaliciousLummaC, Ailurophile Stealer, Amadey, LummaC Stealer, StealcBrowse
                                                                                                                                                                                                                                                                  • 104.26.9.59
                                                                                                                                                                                                                                                                  file.exeGet hashmaliciousAilurophile StealerBrowse
                                                                                                                                                                                                                                                                  • 104.26.8.59
                                                                                                                                                                                                                                                                  installer.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 172.67.75.163
                                                                                                                                                                                                                                                                  installer.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 172.67.75.163
                                                                                                                                                                                                                                                                  installer.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 172.67.75.163
                                                                                                                                                                                                                                                                  installer.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 104.26.8.59
                                                                                                                                                                                                                                                                  ZoomInstaller.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 104.26.9.59
                                                                                                                                                                                                                                                                  ZoomInstaller.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 104.26.9.59
                                                                                                                                                                                                                                                                  chrome.cloudflare-dns.comMayitaV16.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 162.159.61.3
                                                                                                                                                                                                                                                                  file.exeGet hashmaliciousAmadey, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                  • 172.64.41.3
                                                                                                                                                                                                                                                                  file.exeGet hashmaliciousAmadey, XWormBrowse
                                                                                                                                                                                                                                                                  • 162.159.61.3
                                                                                                                                                                                                                                                                  file.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 172.64.41.3
                                                                                                                                                                                                                                                                  file.exeGet hashmaliciousAmadey, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                  • 162.159.61.3
                                                                                                                                                                                                                                                                  1732215862df90b858ebf82740ce134fb5917becbb3385f4dfc36cbe28d6e90709df01f065739.dat-decoded.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 162.159.61.3
                                                                                                                                                                                                                                                                  file.exeGet hashmaliciousAmadey, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                  • 172.64.41.3
                                                                                                                                                                                                                                                                  file.exeGet hashmaliciousLummaC, Amadey, Credential Flusher, Cryptbot, LummaC Stealer, StealcBrowse
                                                                                                                                                                                                                                                                  • 162.159.61.3
                                                                                                                                                                                                                                                                  S0FTWARE.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                                                                                                                                                                                  • 162.159.61.3
                                                                                                                                                                                                                                                                  wE1inOhJA5.msiGet hashmaliciousRemcos, RHADAMANTHYSBrowse
                                                                                                                                                                                                                                                                  • 172.64.41.3
                                                                                                                                                                                                                                                                  ssl.bingadsedgeextension-prod-europe.azurewebsites.netfile.exeGet hashmaliciousAmadey, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                  • 94.245.104.56
                                                                                                                                                                                                                                                                  file.exeGet hashmaliciousAmadey, XWormBrowse
                                                                                                                                                                                                                                                                  • 94.245.104.56
                                                                                                                                                                                                                                                                  file.exeGet hashmaliciousAmadey, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                  • 94.245.104.56
                                                                                                                                                                                                                                                                  file.exeGet hashmaliciousAmadey, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                  • 94.245.104.56
                                                                                                                                                                                                                                                                  file.exeGet hashmaliciousLummaC, Amadey, Credential Flusher, Cryptbot, LummaC Stealer, StealcBrowse
                                                                                                                                                                                                                                                                  • 94.245.104.56
                                                                                                                                                                                                                                                                  S0FTWARE.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                                                                                                                                                                                  • 94.245.104.56
                                                                                                                                                                                                                                                                  file.exeGet hashmaliciousLummaC, Amadey, Credential Flusher, Cryptbot, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                  • 94.245.104.56
                                                                                                                                                                                                                                                                  file.exeGet hashmaliciousLummaC, Amadey, Credential Flusher, Cryptbot, LummaC Stealer, StealcBrowse
                                                                                                                                                                                                                                                                  • 94.245.104.56
                                                                                                                                                                                                                                                                  E89hSGjVrv.exeGet hashmaliciousAmadey, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                  • 94.245.104.56
                                                                                                                                                                                                                                                                  file.exeGet hashmaliciousAmadey, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                  • 94.245.104.56
                                                                                                                                                                                                                                                                  api.telegram.orgsosoliso.exeGet hashmaliciousMassLogger RATBrowse
                                                                                                                                                                                                                                                                  • 149.154.167.220
                                                                                                                                                                                                                                                                  file.exeGet hashmaliciousAmadey, XWormBrowse
                                                                                                                                                                                                                                                                  • 149.154.167.220
                                                                                                                                                                                                                                                                  file.exeGet hashmaliciousXWormBrowse
                                                                                                                                                                                                                                                                  • 149.154.167.220
                                                                                                                                                                                                                                                                  file.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 149.154.167.220
                                                                                                                                                                                                                                                                  bZPAo2e2Pv.jarGet hashmaliciousCan StealerBrowse
                                                                                                                                                                                                                                                                  • 149.154.167.220
                                                                                                                                                                                                                                                                  bZPAo2e2Pv.jarGet hashmaliciousCan StealerBrowse
                                                                                                                                                                                                                                                                  • 149.154.167.220
                                                                                                                                                                                                                                                                  order requirements CIF-TRC809945210.exeGet hashmaliciousGuLoaderBrowse
                                                                                                                                                                                                                                                                  • 149.154.167.220
                                                                                                                                                                                                                                                                  Updated Invoice_0755404645-2024_pdf.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 149.154.167.220
                                                                                                                                                                                                                                                                  CONTRACT COPY PRN00720387_pdf.exeGet hashmaliciousGuLoaderBrowse
                                                                                                                                                                                                                                                                  • 149.154.167.220
                                                                                                                                                                                                                                                                  Request for Quotation MK FMHS.RFQ.24.11.21.bat.exeGet hashmaliciousSnake Keylogger, VIP KeyloggerBrowse
                                                                                                                                                                                                                                                                  • 149.154.167.220

                                                                                                                                                                                                                                                                  ASNs

                                                                                                                                                                                                                                                                  MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                  AKAMAI-ASUSMessage_2605357.emlGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 23.50.131.200
                                                                                                                                                                                                                                                                  phish_alert_sp2_2.0.0.0 (6).emlGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 23.50.131.200
                                                                                                                                                                                                                                                                  88a4dd8-Contract Agreement-Final378208743.pdfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 23.206.252.175
                                                                                                                                                                                                                                                                  754619b-Contract Agreement-Final727916073.pdfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 23.195.92.153
                                                                                                                                                                                                                                                                  file.exeGet hashmaliciousAmadey, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                  • 23.49.251.42
                                                                                                                                                                                                                                                                  file.exeGet hashmaliciousAmadey, XWormBrowse
                                                                                                                                                                                                                                                                  • 23.57.90.111
                                                                                                                                                                                                                                                                  FW_ Signature Required For Agreement with ID_41392PJBM8759674.msgGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 92.122.16.141
                                                                                                                                                                                                                                                                  Quote Request.emlGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                  • 2.19.126.151
                                                                                                                                                                                                                                                                  ExL4unch#U20ac#U00ae.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                                                                  • 104.102.49.254
                                                                                                                                                                                                                                                                  qaHUaPUib8.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 104.102.49.254
                                                                                                                                                                                                                                                                  AMAZON-02UShttps://acrobat.adobe.com/id/urn:aaid:sc:ap:d4296c11-5949-4c29-8c1d-f6d178ced965Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 34.250.9.248
                                                                                                                                                                                                                                                                  https:/novembro-24.s3.us-east-2.amazonaws.com/FAT-Comprovativo_Novembro_hky_22-11-2024_21.htmlGet hashmaliciousCAPTCHA Scam ClickFixBrowse
                                                                                                                                                                                                                                                                  • 3.5.128.122
                                                                                                                                                                                                                                                                  mmb4.elfGet hashmaliciousMirai, OkiruBrowse
                                                                                                                                                                                                                                                                  • 54.171.230.55
                                                                                                                                                                                                                                                                  https://scam-report.malwarebouncer.com/XT2VkOUF6UWhJRkJORWRibzhzMytNYjdrNS9teUZ4OEhhK3BwL2pVdGJ6b3JVOHpQdlFFU1pVSDVwZC9ObHAzN2ptMTRIald2TXl0dXh0VEFrYzlWbTU4eU9qdTAycjN0VVRRalNHOVJzSkIzcm9hTDFRYnhOU2xkSVYrV2RLRjJ2dk9ITUdnRldMR2hKYzJsb0NuQWJTNG1rSjFaeEpyVDBsS1pYcWpsVTh5bThKUENydWxvcjdmbWR1ZkdvbjRzaElWWUFEMXN4R3ZKcXZaa3NzWnZ2N3ZBS3VjUUcwdz0tLXBNenBsNlZQeDgzanJXMEUtLXRsSDVDalFBbzhFdVNOMnltY2sxcUE9PQ==?cid=294625424Get hashmaliciousKnowBe4Browse
                                                                                                                                                                                                                                                                  • 52.48.171.10
                                                                                                                                                                                                                                                                  https://ex.securemail.intermedia.net/login.html?msgUserId=3883fff1970b5d7b&enterprise=aurorahealth&rrRegcode=Thzq6kFB&locale=en_USGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 54.229.196.238
                                                                                                                                                                                                                                                                  x86_64.nn.elfGet hashmaliciousMirai, OkiruBrowse
                                                                                                                                                                                                                                                                  • 13.211.250.134
                                                                                                                                                                                                                                                                  88a4dd8-Contract Agreement-Final378208743.pdfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 46.137.25.195
                                                                                                                                                                                                                                                                  vqsjh4.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                  • 34.243.160.129
                                                                                                                                                                                                                                                                  Mozi.m.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 54.171.230.55
                                                                                                                                                                                                                                                                  mipsel.nn.elfGet hashmaliciousMirai, OkiruBrowse
                                                                                                                                                                                                                                                                  • 44.242.249.220
                                                                                                                                                                                                                                                                  CLOUDFLARENETUSfile.exeGet hashmaliciousLummaC, Amadey, Credential Flusher, Cryptbot, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                  • 172.67.155.248
                                                                                                                                                                                                                                                                  file.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                                                                  • 172.67.155.248
                                                                                                                                                                                                                                                                  Project Breakdown Doc.exeGet hashmaliciousFormBookBrowse
                                                                                                                                                                                                                                                                  • 172.67.220.36
                                                                                                                                                                                                                                                                  AdobeViewerPDQv2.msiGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 162.159.140.238
                                                                                                                                                                                                                                                                  Message_2579691_4.emlGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 1.1.1.1
                                                                                                                                                                                                                                                                  Message_2605357.emlGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 104.21.95.6
                                                                                                                                                                                                                                                                  Documenti di spedizione 000293949040405959000.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                                                                                                  • 104.26.12.205
                                                                                                                                                                                                                                                                  https://dorentop.es/yorii/Odrivex/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                  • 104.18.11.207
                                                                                                                                                                                                                                                                  file.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                                                                  • 104.21.66.38
                                                                                                                                                                                                                                                                  https://vidrariamortagua.pt/index.php/es/inicio/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 104.22.50.245
                                                                                                                                                                                                                                                                  EDGECASTUShttp://acsltddocu3.technolutionszzzz.net/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 152.199.21.175
                                                                                                                                                                                                                                                                  https://ex.securemail.intermedia.net/login.html?msgUserId=3883fff1970b5d7b&enterprise=aurorahealth&rrRegcode=Thzq6kFB&locale=en_USGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 152.199.21.175
                                                                                                                                                                                                                                                                  file.exeGet hashmaliciousAmadey, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                  • 152.195.19.97
                                                                                                                                                                                                                                                                  file.exeGet hashmaliciousAmadey, XWormBrowse
                                                                                                                                                                                                                                                                  • 152.195.19.97
                                                                                                                                                                                                                                                                  https://app.smartsheet.com/b/form/9141bdd4d7da45789170a7064a677627Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                  • 152.199.21.175
                                                                                                                                                                                                                                                                  file.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 152.195.19.97
                                                                                                                                                                                                                                                                  file.exeGet hashmaliciousAmadey, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                  • 152.195.19.97
                                                                                                                                                                                                                                                                  http://clearview-ps.inwise.net/page_11-21-2024_1Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 152.199.21.175
                                                                                                                                                                                                                                                                  http://www.im-creator.com/viewer/vbid-2a496caa-iwgbu2zx/vbid-f9637b78-lok1anrmGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 152.199.21.175
                                                                                                                                                                                                                                                                  Status Update DXLG.htmlGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 152.199.21.175

                                                                                                                                                                                                                                                                  JA3 Fingerprints

                                                                                                                                                                                                                                                                  MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                  28a2c9bd18a11de089ef85a160da29e4file.exeGet hashmaliciousLummaC, Amadey, Credential Flusher, Cryptbot, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                  • 13.107.246.63
                                                                                                                                                                                                                                                                  • 20.190.147.11
                                                                                                                                                                                                                                                                  • 23.218.208.109
                                                                                                                                                                                                                                                                  • 20.12.23.50
                                                                                                                                                                                                                                                                  file.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                                                                  • 13.107.246.63
                                                                                                                                                                                                                                                                  • 20.190.147.11
                                                                                                                                                                                                                                                                  • 23.218.208.109
                                                                                                                                                                                                                                                                  • 20.12.23.50
                                                                                                                                                                                                                                                                  https://acrobat.adobe.com/id/urn:aaid:sc:ap:d4296c11-5949-4c29-8c1d-f6d178ced965Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 13.107.246.63
                                                                                                                                                                                                                                                                  • 20.190.147.11
                                                                                                                                                                                                                                                                  • 23.218.208.109
                                                                                                                                                                                                                                                                  • 20.12.23.50
                                                                                                                                                                                                                                                                  https://vidrariamortagua.pt/index.php/es/inicio/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 13.107.246.63
                                                                                                                                                                                                                                                                  • 20.190.147.11
                                                                                                                                                                                                                                                                  • 23.218.208.109
                                                                                                                                                                                                                                                                  • 20.12.23.50
                                                                                                                                                                                                                                                                  http://cdn-webstats.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 13.107.246.63
                                                                                                                                                                                                                                                                  • 20.190.147.11
                                                                                                                                                                                                                                                                  • 23.218.208.109
                                                                                                                                                                                                                                                                  • 20.12.23.50
                                                                                                                                                                                                                                                                  Policy Agreement - Nov24.docxGet hashmaliciousKnowBe4Browse
                                                                                                                                                                                                                                                                  • 13.107.246.63
                                                                                                                                                                                                                                                                  • 20.190.147.11
                                                                                                                                                                                                                                                                  • 23.218.208.109
                                                                                                                                                                                                                                                                  • 20.12.23.50
                                                                                                                                                                                                                                                                  file.exeGet hashmaliciousLummaC, Amadey, Credential Flusher, Cryptbot, LummaC Stealer, StealcBrowse
                                                                                                                                                                                                                                                                  • 13.107.246.63
                                                                                                                                                                                                                                                                  • 20.190.147.11
                                                                                                                                                                                                                                                                  • 23.218.208.109
                                                                                                                                                                                                                                                                  • 20.12.23.50
                                                                                                                                                                                                                                                                  http://mweb.webhop.orgGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                  • 13.107.246.63
                                                                                                                                                                                                                                                                  • 20.190.147.11
                                                                                                                                                                                                                                                                  • 23.218.208.109
                                                                                                                                                                                                                                                                  • 20.12.23.50
                                                                                                                                                                                                                                                                  https://hk-csl5g.top/comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 13.107.246.63
                                                                                                                                                                                                                                                                  • 20.190.147.11
                                                                                                                                                                                                                                                                  • 23.218.208.109
                                                                                                                                                                                                                                                                  • 20.12.23.50
                                                                                                                                                                                                                                                                  tmp548A4.Html.htmlGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 13.107.246.63
                                                                                                                                                                                                                                                                  • 20.190.147.11
                                                                                                                                                                                                                                                                  • 23.218.208.109
                                                                                                                                                                                                                                                                  • 20.12.23.50

                                                                                                                                                                                                                                                                  Dropped Files

                                                                                                                                                                                                                                                                  MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_ARC4.pydfile.exeGet hashmaliciousAmadey, XWormBrowse
                                                                                                                                                                                                                                                                    file.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                      Payload.exeGet hashmaliciousPython Stealer, BLX Stealer, XLABB GrabberBrowse
                                                                                                                                                                                                                                                                        Payload.exeGet hashmaliciousPython Stealer, BLX Stealer, XLABB GrabberBrowse
                                                                                                                                                                                                                                                                          Creal.exeGet hashmaliciousCreal StealerBrowse
                                                                                                                                                                                                                                                                            #U0416#U0430#U0440#U043a#U043e#U0432#U0430 .exeGet hashmaliciousBlank Grabber, Creal StealerBrowse
                                                                                                                                                                                                                                                                              https://t.ly/Oppenheim0511Get hashmaliciousGO BackdoorBrowse
                                                                                                                                                                                                                                                                                RobCheat.exeGet hashmaliciousPython Stealer, CStealerBrowse
                                                                                                                                                                                                                                                                                  SecuriteInfo.com.Python.Stealer.1251.9496.6786.exeGet hashmaliciousPython Stealer, BLX Stealer, XLABB GrabberBrowse
                                                                                                                                                                                                                                                                                    SecuriteInfo.com.Python.Stealer.1251.9496.6786.exeGet hashmaliciousPython Stealer, BLX Stealer, XLABB GrabberBrowse
                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_Salsa20.pydfile.exeGet hashmaliciousAmadey, XWormBrowse
                                                                                                                                                                                                                                                                                        file.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                          Payload.exeGet hashmaliciousPython Stealer, BLX Stealer, XLABB GrabberBrowse
                                                                                                                                                                                                                                                                                            Payload.exeGet hashmaliciousPython Stealer, BLX Stealer, XLABB GrabberBrowse
                                                                                                                                                                                                                                                                                              Creal.exeGet hashmaliciousCreal StealerBrowse
                                                                                                                                                                                                                                                                                                #U0416#U0430#U0440#U043a#U043e#U0432#U0430 .exeGet hashmaliciousBlank Grabber, Creal StealerBrowse
                                                                                                                                                                                                                                                                                                  https://t.ly/Oppenheim0511Get hashmaliciousGO BackdoorBrowse
                                                                                                                                                                                                                                                                                                    RobCheat.exeGet hashmaliciousPython Stealer, CStealerBrowse
                                                                                                                                                                                                                                                                                                      SecuriteInfo.com.Trojan.PWS.Stealer.39881.9434.15338.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                        SecuriteInfo.com.Python.Stealer.1251.9496.6786.exeGet hashmaliciousPython Stealer, BLX Stealer, XLABB GrabberBrowse

                                                                                                                                                                                                                                                                                                          Created / dropped Files

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Bunny\Autofills\Autofills.txt

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):89
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.425635223750452
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:FJQ/Ji40JSQMJsyPRKcJW5KeBFzwhzdn:ziJi4wEJhPRKcY5JFKx
                                                                                                                                                                                                                                                                                                          MD5:D8A25A825AA88C0A2E46B6A38378DEF6
                                                                                                                                                                                                                                                                                                          SHA1:FA01248E4B1B6CF82C6E40BFFD362D0745CF9CE7
                                                                                                                                                                                                                                                                                                          SHA-256:0539DB0488C9C7B8B8D518F71152874F8CFA26D5236B201687AAED21FF959AB3
                                                                                                                                                                                                                                                                                                          SHA-512:17380E3E76BDD34AC6B660444692B97CF11F76E242130761411DE95E0E088CC455BF31104ABB972EF5CB97AC91192AA813ACFDA429F273CB2D5EAA5911B76B86
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:Ailurophile Stealer - Telegram: @Ailurophilevn....No autofills found for Chrome Default..

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Bunny\Info.txt

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Windows\System32\dxdiag.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):85407
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.2062859938163495
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:768:lP9JWMB5MBBDQ6Uc8FgGVoXX7lV6EMR57X3i0hG6gHCXkNEr+aL/FkJOlKwY0:l7cnOV2uRoxHtOu0
                                                                                                                                                                                                                                                                                                          MD5:29C984F5ACFE37D2E0FE99427F222BD1
                                                                                                                                                                                                                                                                                                          SHA1:0A4835FD8B71BA29616C91724112412A377BB8DB
                                                                                                                                                                                                                                                                                                          SHA-256:D5B620A7E6AE6CD338B37AA4E9831A8B2DE02E6CDAE205949F2E378EF9F06EA4
                                                                                                                                                                                                                                                                                                          SHA-512:38F171527129CBA8FEAD54669415505ABE2F77F488865CCE3FCAD8412ECEA70FF0891ACC79287C660D19369252E76413CCF0468CE306A02CC998BDC00C91AEB4
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:------------------..System Information..------------------.. Time of this report: 11/22/2024, 07:13:08.. Machine name: 494126.. Machine Id: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}.. Operating System: Windows 10 Pro 64-bit (10.0, Build 19045) (19041.vb_release.191206-1406).. Language: English (Regional Setting: English).. System Manufacturer: 5SDM6BUbS8a9zeP.. System Model: psOvlA2P.. BIOS: VMW201.00V.20829224.B64.2211211842 (type: UEFI).. Processor: Intel(R) Core(TM)2 CPU 6600 @ 2.40 GHz (4 CPUs), ~2.0GHz.. Memory: 8192MB RAM.. Available OS Memory: 8192MB RAM.. Page File: 1692MB used, 6498MB available.. Windows Dir: C:\Windows.. DirectX Version: DirectX 12.. DX Setup Parameters: Not found.. User DPI Setting: 96 DPI (100 percent).. System DPI Setting: 96 DPI (100 percent).. DWM DPI Scaling: Disab

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\D3DSCache\fe8d97be6d92aa78\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Windows\System32\dxdiag.exe
                                                                                                                                                                                                                                                                                                          File Type:OpenPGP Secret Key
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):65552
                                                                                                                                                                                                                                                                                                          Entropy (8bit):0.012588069182000032
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:63qIllGlll/l/lXp9ZjrPBY06llcllXgvZP:63qIl0dPBY0O6/O
                                                                                                                                                                                                                                                                                                          MD5:7A0F107CC175B4CA3EDB21F3953CB3E9
                                                                                                                                                                                                                                                                                                          SHA1:7B64025EA33E429362475759AEB787CE8D3E101C
                                                                                                                                                                                                                                                                                                          SHA-256:27F484DE82D7E1A41A5DC67D0AE827C8407C07FFDF1DEF1D61BB114E825F74E0
                                                                                                                                                                                                                                                                                                          SHA-512:732FBF07C8C32F122E3DB2DEC40B727F9C1669F5103A741E56699C042530628755BDDC62E8F84B6321E2818F2080C17CF5FB0AE59C7701670491284C252C4BCB
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:.j..........................................f...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\D3DSCache\fe8d97be6d92aa78\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Windows\System32\dxdiag.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):4
                                                                                                                                                                                                                                                                                                          Entropy (8bit):1.5
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:R:R
                                                                                                                                                                                                                                                                                                          MD5:F49655F856ACB8884CC0ACE29216F511
                                                                                                                                                                                                                                                                                                          SHA1:CB0F1F87EC0455EC349AAA950C600475AC7B7B6B
                                                                                                                                                                                                                                                                                                          SHA-256:7852FCE59C67DDF1D6B8B997EAA1ADFAC004A9F3A91C37295DE9223674011FBA
                                                                                                                                                                                                                                                                                                          SHA-512:599E93D25B174524495ED29653052B3590133096404873318F05FD68F4C9A5C9A3B30574551141FBB73D7329D6BE342699A17F3AE84554BAB784776DFDA2D5F8
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:EERF

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\D3DSCache\fe8d97be6d92aa78\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Windows\System32\dxdiag.exe
                                                                                                                                                                                                                                                                                                          File Type:Matlab v4 mat-file (little endian) (, numeric, rows 0, columns 16, imaginary
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):65536
                                                                                                                                                                                                                                                                                                          Entropy (8bit):0.020482262885854904
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:9llpl5d2DJqojBdl+Sli5lWyyHk15lRlTNlktt/llaia9sVQMm6En:c9q0Bn+SkSJkJNetb2Hrn
                                                                                                                                                                                                                                                                                                          MD5:27C5B2CF8CC33DE010AE37B1B8B0E715
                                                                                                                                                                                                                                                                                                          SHA1:F4B312BFCF51C533CA43AC8A5302450A906159AA
                                                                                                                                                                                                                                                                                                          SHA-256:2EB0A2FD1624CFD6E21CF4121E8C44071EEAAA94FC1B0B9A39B23B571D58D40F
                                                                                                                                                                                                                                                                                                          SHA-512:0ECF3D1E0FE3C336C5A12A01D0F960E605A3B1422ED1FE38C16BC959027890E91BC91C0DA70115ADDCFD4681112E8E20C6EAB68C2BF41F731CF97B05656B24DA
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:................>...(....x:no.&A.e.u~+..C.:.\.W.i.n.d.o.w.s.\.s.y.s.t.e.m.3.2.\.d.x.d.i.a.g...e.x.e.................................(...p.DJ!.IL.....Zm.F............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\passwords.db

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie 0xb, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):40960
                                                                                                                                                                                                                                                                                                          Entropy (8bit):0.8553638852307782
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:48:2x7BA+IIF7CVEq8Ma0D0HOlf/6ykwp1EUwMHZq10bvJKLkw8s8LKvUf9KVyJ7h/f:QNDCn8MouB6wz8iZqmvJKLPeymwil
                                                                                                                                                                                                                                                                                                          MD5:28222628A3465C5F0D4B28F70F97F482
                                                                                                                                                                                                                                                                                                          SHA1:1BAA3DEB7DFD7C9B4CA9FDB540F236C24917DD14
                                                                                                                                                                                                                                                                                                          SHA-256:93A6AF6939B17143531FA4474DFC564FA55359308B910E6F0DCA774D322C9BE4
                                                                                                                                                                                                                                                                                                          SHA-512:C8FB93F658C1A654186FA6AA2039E40791E6B0A1260B223272BB01279A7B574E238B28217DADF3E1850C7083ADFA2FE5DA0CCE6F9BCABD59E1FFD1061B3A88F7
                                                                                                                                                                                                                                                                                                          Malicious:true
                                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\webdata.db

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):106496
                                                                                                                                                                                                                                                                                                          Entropy (8bit):1.136413900497188
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:192:ZWTblyVZTnGtgTgabTanQeZVuSVumZa6cV/04:MnlyfnGtxnfVuSVumEHV84
                                                                                                                                                                                                                                                                                                          MD5:429F49156428FD53EB06FC82088FD324
                                                                                                                                                                                                                                                                                                          SHA1:560E48154B4611838CD4E9DF4C14D0F9840F06AF
                                                                                                                                                                                                                                                                                                          SHA-256:9899B501723B97F6943D8FE6ABF06F7FE013B10A17F566BF8EFBF8DCB5C8BFAF
                                                                                                                                                                                                                                                                                                          SHA-512:1D76E844749C4B9566B542ACC49ED07FA844E2AD918393D56C011D430A3676FA5B15B311385F5DA9DD24443ABF06277908618A75664E878F369F68BEBE4CE52F
                                                                                                                                                                                                                                                                                                          Malicious:true
                                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ .......4...........!......................................................j............1........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\0271e5f8-ba41-4bb9-ab22-99868f3a85e6.tmp

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):44640
                                                                                                                                                                                                                                                                                                          Entropy (8bit):6.096434261967304
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4xkBKwurhDO6vP6ODS6sQC02DA8DF+FpBcGoup1Xl3j4:z/Ps+wsI7yOEh6jS6sGBchu3VlXr4CR8
                                                                                                                                                                                                                                                                                                          MD5:79F1CF9743BB528D0CCEFA878590BF96
                                                                                                                                                                                                                                                                                                          SHA1:C159F6EAB94CB9A42C551A0B114FDA73A46A6430
                                                                                                                                                                                                                                                                                                          SHA-256:C9C92FFE41F582A199B61BCD08A582DF8062FED72E79E80CDE49F7A655B5033F
                                                                                                                                                                                                                                                                                                          SHA-512:2C4BB9D8008992F60A43F985D78A157412DC2CC41ED5B258C4C0E79008AC88CD69F43659D0D9547F7894EEF307AA96D7BAAB2D43D7B4C5680263FA7DABEECB02
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\4c76400e-1a5f-4c5d-a554-283603675cec.tmp

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):44714
                                                                                                                                                                                                                                                                                                          Entropy (8bit):6.096650722743452
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4xkBKwurhDO6vP6ODS6spX02DA8DF+FpBcGoup1Xl3j0:z/Ps+wsI7yOEh6jS6sIBchu3VlXr4CRg
                                                                                                                                                                                                                                                                                                          MD5:4B5CEC7AFB824E3A62ED22B79E3939DE
                                                                                                                                                                                                                                                                                                          SHA1:9F592A14BE014C5989F5B651AC21E0B8D9A0F95A
                                                                                                                                                                                                                                                                                                          SHA-256:A2438A45693F4C99A5E9949498E540224E6F67A3C321329C865F42308EF848B9
                                                                                                                                                                                                                                                                                                          SHA-512:62D91A7A0D5CD93093EF1ABC6CD9EE81E0E8BCD565BEF342126A99707E351FC41AF3FD8FF98E3D4248D07025C82E83775049D4E19EE3E3A0C36D73B467A47155
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\67dd2960-eb8d-4848-926d-94ac837d3ea6.tmp

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:modified
                                                                                                                                                                                                                                                                                                          Size (bytes):45460
                                                                                                                                                                                                                                                                                                          Entropy (8bit):6.097067447978073
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4xkBKwurhDO6vP6ODS6s1/0ecGoup1Xl3jVzXr4CCAo5:z/Ps+wsI7yOEh6jS6sfchu3VlXr4CRo5
                                                                                                                                                                                                                                                                                                          MD5:A33DC6AC4E85FCA895260EE8646ABD71
                                                                                                                                                                                                                                                                                                          SHA1:32DAB605DDFD858B86EF22186361E8FBE03212D0
                                                                                                                                                                                                                                                                                                          SHA-256:849DB00FF5FC2C1ADA013C534B0DF2A9519AEB163DEEFE289F5D6DD30F7A280D
                                                                                                                                                                                                                                                                                                          SHA-512:EB7FB9D542BDA2F16016D5153DE4CB9960E0A3482AF688D4DA9B5D90D8F805D66C2D78F9BB3B9154DF17158ACF62936ABA0FEE0C593C46D57749D0ACF1F53DD3
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\8d443ce8-6769-4aad-860a-ab3b406f8878.tmp

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:modified
                                                                                                                                                                                                                                                                                                          Size (bytes):44636
                                                                                                                                                                                                                                                                                                          Entropy (8bit):6.096602405245416
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkB9wurhDO6vP6ODS6sx50zPwF5RUcGoup1Xl3jVzXq:z/Ps+wsI7ynEc6jS6s+chu3VlXr4CRo1
                                                                                                                                                                                                                                                                                                          MD5:6F6EF2345D09858D6289342B1C5A488B
                                                                                                                                                                                                                                                                                                          SHA1:3A5C0762CF530D5886978612D63F40905BD42180
                                                                                                                                                                                                                                                                                                          SHA-256:44FDE736745FFC8FD5CC6FB83EDFB29BE946655BA762E0FDC043BB5C1BD32BF1
                                                                                                                                                                                                                                                                                                          SHA-512:C11602E076CADA1BBB60435BE229883ECD7186FA37B156BBBBDCEA4EE4FEAEFD2165EBF25388222D25B1CD455AF25977809B2968FF33968F950F06514E08BD9F
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Ad Blocking\a9412f1e-870e-444d-a9e6-cf14f4fdeb6a.tmp

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):107893
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.640132669903667
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:1536:B/lv4EsQMNeQ9s5VwB34PsiaR+tjvYArQdW+Iuh57P7+:fwUQC5VwBIiElEd2K57P7+
                                                                                                                                                                                                                                                                                                          MD5:18D8F6617A5020376CEDA06FB42C24D5
                                                                                                                                                                                                                                                                                                          SHA1:F921FF53D8E1A065550AD835D89E550FDF448795
                                                                                                                                                                                                                                                                                                          SHA-256:C0E1D05E90044F0F5810E83826BE6449D44234CD601668E5E041FE7F3B2CAB32
                                                                                                                                                                                                                                                                                                          SHA-512:4FC6D77BDE79EB4EA56D8CFAEE5908C6D9233E65AD199C52A7425B76ECE9869466D3BE52E2A20B85FE50ABD712C57D8591DEBDDB9F3CBA45070E3233CC185DA4
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{"sites":[{"url":"24video.be"},{"url":"7dnifutbol.bg"},{"url":"6tv.dk"},{"url":"9kefa.com"},{"url":"aculpaedoslb.blogspot.pt"},{"url":"aek-live.gr"},{"url":"arcadepunk.co.uk"},{"url":"acidimg.cc"},{"url":"aazah.com"},{"url":"allehensbeverwijk.nl"},{"url":"amateurgonewild.org"},{"url":"aindasoudotempo.blogspot.com"},{"url":"anorthosis365.com"},{"url":"autoreview.bg"},{"url":"alivefoot.us"},{"url":"arbitro10.com"},{"url":"allhard.org"},{"url":"babesnude.info"},{"url":"aysel.today"},{"url":"animepornx.com"},{"url":"bahisideal20.com"},{"url":"analyseindustrie.nl"},{"url":"bahis10line.org"},{"url":"apoel365.net"},{"url":"bahissitelerisikayetleri.com"},{"url":"bambusratte.com"},{"url":"banzaj.pl"},{"url":"barlevegas.com"},{"url":"baston.info"},{"url":"atomcurve.com"},{"url":"atascadocherba.com"},{"url":"astrologer.gr"},{"url":"adultpicz.com"},{"url":"alleporno.com"},{"url":"beaver-tube.com"},{"url":"beachbabes.info"},{"url":"bearworldmagazine.com"},{"url":"bebegimdensonra.com"},{"url":"autoy

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Ad Blocking\blocklist (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):107893
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.640132669903667
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:1536:B/lv4EsQMNeQ9s5VwB34PsiaR+tjvYArQdW+Iuh57P7+:fwUQC5VwBIiElEd2K57P7+
                                                                                                                                                                                                                                                                                                          MD5:18D8F6617A5020376CEDA06FB42C24D5
                                                                                                                                                                                                                                                                                                          SHA1:F921FF53D8E1A065550AD835D89E550FDF448795
                                                                                                                                                                                                                                                                                                          SHA-256:C0E1D05E90044F0F5810E83826BE6449D44234CD601668E5E041FE7F3B2CAB32
                                                                                                                                                                                                                                                                                                          SHA-512:4FC6D77BDE79EB4EA56D8CFAEE5908C6D9233E65AD199C52A7425B76ECE9869466D3BE52E2A20B85FE50ABD712C57D8591DEBDDB9F3CBA45070E3233CC185DA4
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{"sites":[{"url":"24video.be"},{"url":"7dnifutbol.bg"},{"url":"6tv.dk"},{"url":"9kefa.com"},{"url":"aculpaedoslb.blogspot.pt"},{"url":"aek-live.gr"},{"url":"arcadepunk.co.uk"},{"url":"acidimg.cc"},{"url":"aazah.com"},{"url":"allehensbeverwijk.nl"},{"url":"amateurgonewild.org"},{"url":"aindasoudotempo.blogspot.com"},{"url":"anorthosis365.com"},{"url":"autoreview.bg"},{"url":"alivefoot.us"},{"url":"arbitro10.com"},{"url":"allhard.org"},{"url":"babesnude.info"},{"url":"aysel.today"},{"url":"animepornx.com"},{"url":"bahisideal20.com"},{"url":"analyseindustrie.nl"},{"url":"bahis10line.org"},{"url":"apoel365.net"},{"url":"bahissitelerisikayetleri.com"},{"url":"bambusratte.com"},{"url":"banzaj.pl"},{"url":"barlevegas.com"},{"url":"baston.info"},{"url":"atomcurve.com"},{"url":"atascadocherba.com"},{"url":"astrologer.gr"},{"url":"adultpicz.com"},{"url":"alleporno.com"},{"url":"beaver-tube.com"},{"url":"beachbabes.info"},{"url":"bearworldmagazine.com"},{"url":"bebegimdensonra.com"},{"url":"autoy

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-67407573-1894.pma

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):4194304
                                                                                                                                                                                                                                                                                                          Entropy (8bit):0.2665394078124484
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:1536:nNhJwCGrnDak+YDgiUiRGYVOR4Tl/00QQHeI00Q:nzJwFLDaPYDgiuYVOR4ThgjI00Q
                                                                                                                                                                                                                                                                                                          MD5:876D6277F955264DBF8C05442494C35C
                                                                                                                                                                                                                                                                                                          SHA1:6617EFB5CFF509D44EF30789E7109BBAE6E1760B
                                                                                                                                                                                                                                                                                                          SHA-256:EAC4B34BD48E2AD7CC03984C31B5A97168FC860E46856399AB88E073DC698FED
                                                                                                                                                                                                                                                                                                          SHA-512:020C0C13067183BD5E25CE141006D7452A60869E03CFDB768208AD3F1A7F5F320900EE5A97F2811AC42E7E11D198179B12A4D71D5F79B485244CBEE00C837B4E
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:...@..@...@.....C.].....@...............8...................`... ...i.y.........BrowserMetrics......i.y..Yd. .......A...................v.0.....UV&K.k<................UV&K.k<................UMA.PersistentHistograms.InitResult.....8...i.y.[".................................................i.y.Pq.30..............117.0.2045.47-64..".en-GB*...Windows NT..10.0.190452l..x86_64..?........".erhhwb20,1(.0..8..B.......2.:.M..BU..Be...?j...GenuineIntel... .. ..........x86_64...J....k..^o..J..l.zL.^o..J....\.^o..J.....f.^o..J....?.^o..P.Z...b.INBXj....... .8.@..............(.....................$..<.w..U?:K.'D.I..G.......W6....{....>.........."....."...24.."."pZLhTaJ23hN5uQxwzu0K2CYes/dvJuE93VbIVV/LnRA="*.:............B)..1.3.177.11.. .*.RegKeyNotFound2.windowsR...Z...u...V.S@..$...SF@.......Y@.......4@.......Y@........?........?.........................Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......4@.......Y@................Y@.......Y@.......Y@........?........?2.......

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-6740757C-1E2C.pma

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):4194304
                                                                                                                                                                                                                                                                                                          Entropy (8bit):0.03191309166024082
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:192:2i0o3tmP6rVZMJu4c4NgsXLiwk0foYh9wBpzewRQMnXJs:T0stwHi2JhSSMds
                                                                                                                                                                                                                                                                                                          MD5:DEB77337843EB784675D1C6991ADBC1C
                                                                                                                                                                                                                                                                                                          SHA1:21A8BFA35498F5323B952FEDED3C40992C955542
                                                                                                                                                                                                                                                                                                          SHA-256:3E2915D4FF2FD0D08734CB241A3F5E99FCF785477EF31E8E4526531A2D344458
                                                                                                                                                                                                                                                                                                          SHA-512:EACD300971B431596105EC34A38F898439F62D3F855160B208B397F569EF80262BEE648C0B235A45546D5264BE30EFB4C43CADAE5E748ACF32540E4A561B36D3
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:...@..@...@.....C.].....@...............pN...J..............`... ...i.y.........BrowserMetrics......i.y..Yd. .......A...................v.0.....UV&K.k<................UV&K.k<................UMA.PersistentHistograms.InitResult.....8...i.y.[".................................................i.y.Pq.30..............117.0.2045.47-64..".en-GB*...Windows NT..10.0.190452l..x86_64..?........".erhhwb20,1(.0..8..B.......2.:.M..BU..Be...?j...GenuineIntel... .. ..........x86_64...J....k..^o..J..l.zL.^o..J....\.^o..J.....f.^o..J....?.^o..P.Z...b.INBXj....... .8.@..............(..................... ..<.w..U'D.I..G.......W6....{....>.........."....."...2...".*.:............B)..1.3.177.11.. .*.RegKeyNotFound2.windowsR...Z...u...V.S@..$...SF@.......Y@.......Y@.......Y@........?........?.................?.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@................Y@.......Y@.......Y@........?........?z...........................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-6740757D-1BD0.pma

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):4194304
                                                                                                                                                                                                                                                                                                          Entropy (8bit):0.030199159900134154
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:192:MQ0o3tDP6rxIIkjJacS4ibJx8Pe9XWig3dDhE5sBVlhpy:z0st7VacSpvmFhN1
                                                                                                                                                                                                                                                                                                          MD5:3DA7B9D06206FCB65896E670BB931762
                                                                                                                                                                                                                                                                                                          SHA1:102BB01CCEB6BB525774504209A1B64DC172C5AE
                                                                                                                                                                                                                                                                                                          SHA-256:6D612D2AADEF3D569253AB91D6FF30F500250FCDDC1C2B790A7EE8EBBFE991F9
                                                                                                                                                                                                                                                                                                          SHA-512:3795620603F44C68565544C7E05E639A525284081B22C5DCB11743E8BFE19F3FECC6D8B733FF4DD7FACA43C4FA9452DB64745705061BDE455C6E646711C2B8A7
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:...@..@...@.....C.].....@...............8G...F..............`... ...i.y.........BrowserMetrics......i.y..Yd. .......A...................v.0.....UV&K.k<................UV&K.k<................UMA.PersistentHistograms.InitResult.....8...i.y.[".................................................i.y.Pq.30..............117.0.2045.47-64..".en-GB*...Windows NT..10.0.190452l..x86_64..?........".erhhwb20,1(.0..8..B.......2.:.M..BU..Be...?j...GenuineIntel... .. ..........x86_64...J....k..^o..J..l.zL.^o..J....\.^o..J.....f.^o..J....?.^o..P.Z...b.INBXj....... .8.@..............(.....................$..<.w..U?:K.'D.I..G.......W6....{....>.........."....."...2...".*.:............B)..1.3.177.11.. .*.RegKeyNotFound2.windowsR...Z...u...V.S@..$...SF@.......Y@.......Y@.......Y@........?........?.................?.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@................Y@.......Y@.......Y@........?........?z.......................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-67407581-20F8.pma

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):4194304
                                                                                                                                                                                                                                                                                                          Entropy (8bit):0.032435976257145026
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:192:5W0botmP6rVZMJu4c4NgsXGiw00foYhAwBwRBewRQMnCW:c0ktIHi75hZqKMmW
                                                                                                                                                                                                                                                                                                          MD5:FFA301FF5967F09AB224672061D1B7C8
                                                                                                                                                                                                                                                                                                          SHA1:49D90A39B90BEB012F41897CBB519C175DCAFC6C
                                                                                                                                                                                                                                                                                                          SHA-256:C25578766C42D31DA7C46B1E33E2C636A90A70754030CDB68BF7F3E155F6CDD4
                                                                                                                                                                                                                                                                                                          SHA-512:B7227531082F0EFD674E86EE290588CC6D9F567D88F5CDC9D36CBEB64DBC4A012BE34DECAA19BC3150E2FB16EC6C32789CBAE8CB998BE2DA78443E4646D4365F
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:...@..@...@.....C.].....@...............pO...N..............`... ...i.y.........BrowserMetrics......i.y..Yd. .......A...................v.0.....UV&K.k<................UV&K.k<................UMA.PersistentHistograms.InitResult.....8...i.y.[".................................................i.y.Pq.30..............117.0.2045.47-64..".en-GB*...Windows NT..10.0.190452l..x86_64..?........".erhhwb20,1(.0..8..B.......2.:.M..BU..Be...?j...GenuineIntel... .. ..........x86_64...J....k..^o..J..l.zL.^o..J....\.^o..J.....f.^o..J....?.^o..P.Z...b.INBXj....... .8.@..............(..................... ..<.w..U'D.I..G.......W6....{....>.........."....."...2...".*.:............B)..1.3.177.11.. .*.RegKeyNotFound2.windowsR...Z...u...V.S@..$...SF@.......Y@.......Y@.......Y@........?........?.................?.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@................Y@.......Y@.......Y@........?........?z...........................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-67407582-20DC.pma

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):4194304
                                                                                                                                                                                                                                                                                                          Entropy (8bit):0.027793664787613356
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:192:3n0botDP6r5Z/Ju4JiYXqhgbE6hU4BVaqfO:30kt2uc/hNt
                                                                                                                                                                                                                                                                                                          MD5:58417829029F8462A4B4943A6CA04317
                                                                                                                                                                                                                                                                                                          SHA1:F6796ED3017CB18D6554F9DA7A16776B861AA259
                                                                                                                                                                                                                                                                                                          SHA-256:E24602182DC85EF4CE5E0BFD0B2786E43835733B75CE0B8CBA55A5D6ADDB64EB
                                                                                                                                                                                                                                                                                                          SHA-512:7C6986A2757B4E8CB2215C71854400A1C091BAF78B78317E4E1BBEEFA94985A31B7B28CF2B3E97F18CDAC8133B65E864A130112F45200E48F6BE085EE25491BF
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:...@..@...@.....C.].....@................C.. C..............`... ...i.y.........BrowserMetrics......i.y..Yd. .......A...................v.0.....UV&K.k<................UV&K.k<................UMA.PersistentHistograms.InitResult.....8...i.y.[".................................................i.y.Pq.30..............117.0.2045.47-64..".en-GB*...Windows NT..10.0.190452l..x86_64..?........".erhhwb20,1(.0..8..B.......2.:.M..BU..Be...?j...GenuineIntel... .. ..........x86_64...J....k..^o..J..l.zL.^o..J....\.^o..J.....f.^o..J....?.^o..P.Z...b.INBXj....... .8.@..............(.....................$..<.w..U?:K.'D.I..G.......W6....{....>.........."....."...2...".*.:............B)..1.3.177.11.. .*.RegKeyNotFound2.windowsR...Z...u...V.S@..$...SF@.......Y@.......Y@.......Y@........?........?.................?.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@................Y@.......Y@.......Y@........?........?z.......................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-67407585-22FC.pma

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):4194304
                                                                                                                                                                                                                                                                                                          Entropy (8bit):0.03157531254234243
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:192:/M0LWltmP6rlZnc/JKPisYsg/X75H0kfznhtHBw62gwRQcW0cMcAU:U0LAtm8YZpvhpqCMTU
                                                                                                                                                                                                                                                                                                          MD5:BE716AA7D91B3D8494CFCE9BC7A5F108
                                                                                                                                                                                                                                                                                                          SHA1:72C4F1579DEAE4E39C0E2FE2557A8F91ECBFFCD3
                                                                                                                                                                                                                                                                                                          SHA-256:95A254589CC4F8BC8F3AF8C59D55E299E67CF7F2CEE4FD02B40B4FA83BE902B2
                                                                                                                                                                                                                                                                                                          SHA-512:F45660A8DBCBE2EA5846C96C8437FA7AB814159200654D643B0B812224D258526F01D8AE35905A833D945306968EDE69C5EA3462702AA5E2B66F6FA24462562D
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:...@..@...@.....C.].....@................M.. J..............`... ...i.y.........BrowserMetrics......i.y..Yd. .......A...................v.0.....UV&K.k<................UV&K.k<................UMA.PersistentHistograms.InitResult.....8...i.y.[".................................................i.y.Pq.30..............117.0.2045.47-64..".en-GB*...Windows NT..10.0.190452l..x86_64..?........".erhhwb20,1(.0..8..B.......2.:.M..BU..Be...?j...GenuineIntel... .. ..........x86_64...J....k..^o..J..l.zL.^o..J....\.^o..J.....f.^o..J....?.^o..P.Z...b.INBXj....... .8.@..............(..................... ..<.w..U'D.I..G.......W6....{....>.........."....."...2...".*.:............B)..1.3.177.11.. .*.RegKeyNotFound2.windowsR...Z...u...V.S@..$...SF@.......Y@.......Y@.......Y@........?........?.................?.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@................Y@.......Y@.......Y@........?........?z...........................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-67407586-21B0.pma

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):4194304
                                                                                                                                                                                                                                                                                                          Entropy (8bit):0.24324952403063993
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:1536:OE+Ck0HR1FQBnMCRGLeYjlWd7mDB4pIbsBVEYU7:OEi0x1F0nMrLeYjlWdKDFQzEYM
                                                                                                                                                                                                                                                                                                          MD5:DD25B13D2BC70E34DF59A34D43F4EACC
                                                                                                                                                                                                                                                                                                          SHA1:1188C46D685F2AB6A5D70974A11D1275D4EA68FD
                                                                                                                                                                                                                                                                                                          SHA-256:C9A84844ACD14FD4483EF94FB3A9A76C594A579A3E14F38B20304C95C6BBCCFF
                                                                                                                                                                                                                                                                                                          SHA-512:9173F895B49FE2829868769BEED0C9E286187E46913592574363C17A9A9B0E95F9005A1CFA34CA954A2D0FAC4819FF5B48D75676ACB03AA9B87041D52728AB40
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:...@..@...@.....C.].....@................L..hL..............`... ...i.y.........BrowserMetrics......i.y..Yd. .......A...................v.0.....UV&K.k<................UV&K.k<................UMA.PersistentHistograms.InitResult.....8...i.y.[".................................................i.y.Pq.30..............117.0.2045.47-64..".en-GB*...Windows NT..10.0.190452l..x86_64..?........".erhhwb20,1(.0..8..B.......2.:.M..BU..Be...?j...GenuineIntel... .. ..........x86_64...J....k..^o..J..l.zL.^o..J....\.^o..J.....f.^o..J....?.^o..P.Z...b.INBXj....... .8.@..............(.....................$..<.w..U?:K.'D.I..G.......W6....{....>.........."....."...2...".*.:............B)..1.3.177.11.. .*.RegKeyNotFound2.windowsR...Z...u...V.S@..$...SF@.......Y@.......Y@.......Y@........?........?.................?.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@................Y@.......Y@.......Y@........?........?z............<..8...#...msNurturingAssistanceHomeDepende

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-6740758D-210.pma

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):4194304
                                                                                                                                                                                                                                                                                                          Entropy (8bit):0.03162098457942142
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:192:/a0t2tmqvDEKX7lJEaIX1gjcg/XeRY0c/j3hBH+YBfQwRQcu66:S0EtXeHaJT3htDuMh6
                                                                                                                                                                                                                                                                                                          MD5:73D0C00E9DD06BCFFBCC155A4750AD19
                                                                                                                                                                                                                                                                                                          SHA1:98C41BA1499401FE7CC089ED9CD1CF66ECA303C6
                                                                                                                                                                                                                                                                                                          SHA-256:06310FEF4123F2BBF30301AD8033F2F905D21ED8956D6CA1B24D72CE989BAB40
                                                                                                                                                                                                                                                                                                          SHA-512:5A82CF1CEE0C595FA8491E60B1FFA120E93FE12F0D4AA88361AE879A1250F15B8E0F9D1A40F11369F1E9595D2839069F6A1413455BD6516947F1A5EC4FB60C33
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:...@..@...@.....C.].....@................M..(J..............`... ...i.y.........BrowserMetrics......i.y..Yd. .......A...................v.0.....UV&K.k<................UV&K.k<................UMA.PersistentHistograms.InitResult.....8...i.y.[".................................................i.y.Pq.30..............117.0.2045.47-64..".en-GB*...Windows NT..10.0.190452l..x86_64..?........".erhhwb20,1(.0..8..B.......2.:.M..BU..Be...?j...GenuineIntel... .. ..........x86_64...J....k..^o..J..l.zL.^o..J....\.^o..J.....f.^o..J....?.^o..P.Z...b.INBXj....... .8.@..............(..................... ..<.w..U'D.I..G.......W6....{....>.........."....."...2...".*.:............B)..1.3.177.11.. .*.RegKeyNotFound2.windowsR...Z...u...V.S@..$...SF@.......Y@.......Y@.......Y@........?........?.................?.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@................Y@.......Y@.......Y@........?........?z...........................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-6740758D-2298.pma

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):4194304
                                                                                                                                                                                                                                                                                                          Entropy (8bit):0.4170422439810291
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3072:nEGJbf1bgDGf/IJm1GMLmuzoOkssA/EVbjmqK2Ksg1HFaI:hbd+W/Ic1GM6jksA/EtmqK2KsaHP
                                                                                                                                                                                                                                                                                                          MD5:E6213BD76BD9DB5EA1917CB7E90046CA
                                                                                                                                                                                                                                                                                                          SHA1:F5903ABE96D2EB36140CD59A0211DCCBE0554389
                                                                                                                                                                                                                                                                                                          SHA-256:AB9F3AC9DF25CDC15C233353CCADD1ADB2C29D4D4D59DE02D878664EE5715EA2
                                                                                                                                                                                                                                                                                                          SHA-512:BAD23A927D3AC120F97BCE27ED78ADA3F7EB42EEF24E510682520F869C270C0D6725EE0823AFB880BE541130FAC3B6D0FFD16CE89918393477F7D0AD65909D43
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:...@..@...@.....C.].....@...............80.../..............`... ...i.y.........BrowserMetrics......i.y..Yd. .......A...................v.0.....UV&K.k<................UV&K.k<................UMA.PersistentHistograms.InitResult.....8...i.y.[".................................................i.y.Pq.30..............117.0.2045.47-64..".en-GB*...Windows NT..10.0.190452l..x86_64..?........".erhhwb20,1(.0..8..B.......2.:.M..BU..Be...?j...GenuineIntel... .. ..........x86_64...J....k..^o..J..l.zL.^o..J....\.^o..J.....f.^o..J....?.^o..P.Z...b.INBXj....... .8.@..............(.....................$..<.w..U?:K.'D.I..G.......W6....{....>.........."....."...2...".*.:............B)..1.3.177.11.. .*.RegKeyNotFound2.windowsR...Z...u...V.S@..$...SF@.......Y@.......Y@.......Y@........?........?.................?.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@................Y@.......Y@.......Y@........?........?z............<..8...#...msNurturingAssistanceHomeDepende

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                                          Category:modified
                                                                                                                                                                                                                                                                                                          Size (bytes):280
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.17395354139143
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:FiWWltlApdeXKek1iUniIWpCWjwBVP/Sh/JzvPWVcRVEVg3WWD5z:o1ApdeaHiKgjwBVsJDu2ziy5
                                                                                                                                                                                                                                                                                                          MD5:70F761B73C3BBD3D6D89E667F08D3B2C
                                                                                                                                                                                                                                                                                                          SHA1:D462134FD3193ABA173B45FFF8F14413AA2FCB05
                                                                                                                                                                                                                                                                                                          SHA-256:26E34F57516B68B0ECD40247EC39D2B9302A7156B2CD9308D99FE26BE0B855E5
                                                                                                                                                                                                                                                                                                          SHA-512:CF6627D1B5E42587F5BF0021BE9C071DC73E304EEE7CA190C432431A0CFBC633660537B8FC0434A7999BA77F83D47CBD40E495276E9776149CAD05A32C3E8B53
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:sdPC......................X..<EE..r/y..."DmHYrCHlc5lFyRGUq62R3qS1k3Ui6rBGmzkDnx9Vsbw="..................................................................................47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=....................fdb35e9f-12f5-40d5-8d50-87a9333d43a4............

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\009237b3-3726-4f86-ae0e-4dffc9ac53e6.tmp

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):39694
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.562361451778008
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:768:luXE9A7pLGLPIuWPaEfZL8F1+UoAYDCx9Tuqh0VfUC9xbog/OVMhkIsnW3zrwRtA:luXE9McPIuWPaEfZLu1jalhkIsW3IvUZ
                                                                                                                                                                                                                                                                                                          MD5:A1756CB1EAAB73923E1226D3293DA409
                                                                                                                                                                                                                                                                                                          SHA1:F4324CE3FB8FB72AFAD5B481EE5623F1800E42E6
                                                                                                                                                                                                                                                                                                          SHA-256:05F43AA11F3F97538E3BC8063A04EE35DC20648E2FACDCCA15B1F71072E3A3E5
                                                                                                                                                                                                                                                                                                          SHA-512:C503B1D768F41B18854AAD25B234F168490E437241F9C6BDEC1C42C6C4472E8CD0D022EF42B9E4AED7573A1ECC0C0A6BB1ED217246427D122C54FF5BBA3BAC2D
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13376751248820164","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13376751248820164","location":5,"ma

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\31facf57-7899-4bf6-aebb-d3f4ff346bc7.tmp

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:very short file (no magic)
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):1
                                                                                                                                                                                                                                                                                                          Entropy (8bit):0.0
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:L:L
                                                                                                                                                                                                                                                                                                          MD5:5058F1AF8388633F609CADB75A75DC9D
                                                                                                                                                                                                                                                                                                          SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                                                                                                                                                                                                                                                                          SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                                                                                                                                                                                                                                                                          SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:.

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\5233fca2-b77a-45a8-b98d-f42d50eaf430.tmp

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (16850), with no line terminators
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):16850
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.489273210832696
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:384:st6LAJuns//Ofhyp5QqBpvHbG2hQwm6WJaTYF:s0cJugOfebGJF9aTYF
                                                                                                                                                                                                                                                                                                          MD5:509998CA28F6FBC43C79AF861DBEEA0B
                                                                                                                                                                                                                                                                                                          SHA1:AAC32DEBA61C2E30568962CA1148436F4D58FAB4
                                                                                                                                                                                                                                                                                                          SHA-256:33FAC68FBF88AA15D02DF87B64FD78149EA69DFCD6A624AFF38342DF8D7A581E
                                                                                                                                                                                                                                                                                                          SHA-512:7A8CE7B10058AC8B1199E501DB6DC6ABEDD81B86977D4AD87733BE1D112BD00781CBBCBA1600F43178D09E8EAD2C4C4ADC9D208FEA8F16FB7368B227676C99D9
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13376751249256297","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340900603634208","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117794":{"last_path":""},"380c71d3-10bf-4a5d-9a06-c932e4b7d1d8":{"last_path":""},"3a2f4dee-d482-4ef8-baef-cb22b6496

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\766dafce-bc1e-4cb4-938d-cf823aa35e98.tmp

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (17015), with no line terminators
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):17015
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.485900800078216
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:384:st6LAJuns//Ofhyp5QqBpvHbG2hQwm6WRlaTYF:s0cJugOfebGJFzaTYF
                                                                                                                                                                                                                                                                                                          MD5:3EC4760BCA0363B6FD04E333B476FB45
                                                                                                                                                                                                                                                                                                          SHA1:5122662B691C86856917B0D1B9D20C5E181861A0
                                                                                                                                                                                                                                                                                                          SHA-256:22C9D889F83DDDFEEC87A34F0646F4350726A89ECA844A3D3CA69DB222C36D7A
                                                                                                                                                                                                                                                                                                          SHA-512:CBCC3F00FA7EBD29347D0E955A56B11929CAF149512A3BD9105D1C4038CFAD135C60B4495957E10D7A5FCE32F3B852BCCEE9DF1895D0036EDDE27B3C64DA4832
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13376751249256297","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340900603634208","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117794":{"last_path":""},"380c71d3-10bf-4a5d-9a06-c932e4b7d1d8":{"last_path":""},"3a2f4dee-d482-4ef8-baef-cb22b6496

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\7d6c0967-4435-4621-bd97-4b907ab5e440.tmp

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:very short file (no magic)
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):1
                                                                                                                                                                                                                                                                                                          Entropy (8bit):0.0
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:L:L
                                                                                                                                                                                                                                                                                                          MD5:5058F1AF8388633F609CADB75A75DC9D
                                                                                                                                                                                                                                                                                                          SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                                                                                                                                                                                                                                                                          SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                                                                                                                                                                                                                                                                          SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:.

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\7f8686ac-64f0-4d9e-87c1-53361fb9bd34.tmp

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:very short file (no magic)
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):1
                                                                                                                                                                                                                                                                                                          Entropy (8bit):0.0
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:L:L
                                                                                                                                                                                                                                                                                                          MD5:5058F1AF8388633F609CADB75A75DC9D
                                                                                                                                                                                                                                                                                                          SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                                                                                                                                                                                                                                                                          SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                                                                                                                                                                                                                                                                          SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:.

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\8366d173-d2dd-494d-bfb9-b2a3aa3f2403.tmp

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:very short file (no magic)
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):1
                                                                                                                                                                                                                                                                                                          Entropy (8bit):0.0
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:L:L
                                                                                                                                                                                                                                                                                                          MD5:5058F1AF8388633F609CADB75A75DC9D
                                                                                                                                                                                                                                                                                                          SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                                                                                                                                                                                                                                                                          SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                                                                                                                                                                                                                                                                          SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:.

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\847c17ce-2116-4bcc-a6df-283728ee4c51.tmp

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:very short file (no magic)
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):1
                                                                                                                                                                                                                                                                                                          Entropy (8bit):0.0
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:L:L
                                                                                                                                                                                                                                                                                                          MD5:5058F1AF8388633F609CADB75A75DC9D
                                                                                                                                                                                                                                                                                                          SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                                                                                                                                                                                                                                                                          SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                                                                                                                                                                                                                                                                          SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:.

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\9217b080-1f9e-4127-8b6d-55970e8f3738.tmp

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):25012
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.5670632165222935
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:768:lPNEkuWPaEfwL8F1+UoAYDCx9Tuqh0VfUC9xbog/OVKIsnWczrwBSypwtu1:lPNEkuWPaEfwLu1ja3IsWcIate
                                                                                                                                                                                                                                                                                                          MD5:34488213814FBF13EB326E31BDB28321
                                                                                                                                                                                                                                                                                                          SHA1:C9C23FD6B53AE4DB4DCFFB801368CB1200E14B2A
                                                                                                                                                                                                                                                                                                          SHA-256:E686D8B058DD330A2A1EF7D0D95032EC5587DBB5C8BF4C85318635F232B5324A
                                                                                                                                                                                                                                                                                                          SHA-512:D11F4A84C9A9FD8A48850CD8AB473EA4BB29276D7400856256FAC6915056C2CFDB35476A20BA9E720A9835620DE105CEF7E604EE3D3BB0A92F723E0A7CA99BA7
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13376751248820164","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13376751248820164","location":5,"ma

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\000003.log

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                                          Category:modified
                                                                                                                                                                                                                                                                                                          Size (bytes):2163821
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.222878284203816
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:24576:v+/PN8F3fI/MXhZSihQgCmnVAEpENU2iOYcafbE2n:v+/PN8Bfx2mjF
                                                                                                                                                                                                                                                                                                          MD5:F9A961360ADF99215D4FA545419456E6
                                                                                                                                                                                                                                                                                                          SHA1:C06FB1BB33755D76ED65524D6FF344326352491A
                                                                                                                                                                                                                                                                                                          SHA-256:7AF356394FA53986DC2DDFA29DB04F92ACA4F0B32F4B2B82B289FE27F2BFA937
                                                                                                                                                                                                                                                                                                          SHA-512:6EACC3B3D31737D05D798854B934240B0597EFE00850C15CF6FBCEAB2D8CE78097D284264655F083C1B9791AE0F0D542DEA7CC5F16C35D0C146469DBD42FF1F8
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:...m.................DB_VERSION.1.l.i.................QUERY_TIMESTAMP:arbitration_priority_list4.*.*.13340900604462938.$QUERY:arbitration_priority_list4.*.*..[{"name":"arbitration_priority_list","url":"https://edgeassetservice.azureedge.net/assets/arbitration_priority_list/4.0.5/asset?sv=2017-07-29&sr=c&sig=NtPyTqjbjPElpw2mWa%2FwOk1no4JFJEK8%2BwO4xQdDJO4%3D&st=2021-01-01T00%3A00%3A00Z&se=2023-12-30T00%3A00%3A00Z&sp=r&assetgroup=ArbitrationService","version":{"major":4,"minor":0,"patch":5},"hash":"N0MkrPHaUyfTgQSPaiVpHemLMcVgqoPh/xUYLZyXayg=","size":11749}]...................'ASSET_VERSION:arbitration_priority_list.4.0.5..ASSET:arbitration_priority_list.[{. "configVersion": 32,. "PrivilegedExperiences": [. "ShorelinePrivilegedExperienceID",. "SHOPPING_AUTO_SHOW_COUPONS_CHECKOUT",. "SHOPPING_AUTO_SHOW_LOWER_PRICE_FOUND",. "SHOPPING_AUTO_SHOW_BING_SEARCH",. "SHOPPING_AUTO_SHOW_REBATES",. "SHOPPING_AUTO_SHOW_REBATES_CONFIRMATION",. "SHOPPING_AUTO_SHOW_REBATES_DEACTI

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):336
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.121642308504785
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:6:Ho1Q+q2P923oH+Tcwt9Eh1tIFUt8Yo8dWZmw+YogF+pQVkwO923oH+Tcwt9Eh15d:N+v4Yeb9Eh16FUt8iW/+4F+iV5LYeb9O
                                                                                                                                                                                                                                                                                                          MD5:BDF7D21A493A9EFF7D5F0B1192749F35
                                                                                                                                                                                                                                                                                                          SHA1:ADC36702FCD28231B6217B9C786E70E03219C8AF
                                                                                                                                                                                                                                                                                                          SHA-256:6224A81F14CBFA55B635980326A360E128C187A4F71732909AE004FEAE05924A
                                                                                                                                                                                                                                                                                                          SHA-512:EA624035685498AD7B0E2D0000A8290194189FB1EAF2C5876CF49BE91240CEC2C884A609B4D15F53076ABE55AE5752D303FBD0B232CE450B4035E2E433314088
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:2024/11/22-07:14:13.764 1c3c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db/MANIFEST-000001.2024/11/22-07:14:13.783 1c3c Recovering log #3.2024/11/22-07:14:13.791 1c3c Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db/000003.log .

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG.old (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):336
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.121642308504785
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:6:Ho1Q+q2P923oH+Tcwt9Eh1tIFUt8Yo8dWZmw+YogF+pQVkwO923oH+Tcwt9Eh15d:N+v4Yeb9Eh16FUt8iW/+4F+iV5LYeb9O
                                                                                                                                                                                                                                                                                                          MD5:BDF7D21A493A9EFF7D5F0B1192749F35
                                                                                                                                                                                                                                                                                                          SHA1:ADC36702FCD28231B6217B9C786E70E03219C8AF
                                                                                                                                                                                                                                                                                                          SHA-256:6224A81F14CBFA55B635980326A360E128C187A4F71732909AE004FEAE05924A
                                                                                                                                                                                                                                                                                                          SHA-512:EA624035685498AD7B0E2D0000A8290194189FB1EAF2C5876CF49BE91240CEC2C884A609B4D15F53076ABE55AE5752D303FBD0B232CE450B4035E2E433314088
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:2024/11/22-07:14:13.764 1c3c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db/MANIFEST-000001.2024/11/22-07:14:13.783 1c3c Recovering log #3.2024/11/22-07:14:13.791 1c3c Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db/000003.log .

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DIPS

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 7, cookie 0x3, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):28672
                                                                                                                                                                                                                                                                                                          Entropy (8bit):0.4613958995378169
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:24:TLi5YFQq3qh7z3WMYziciNW9WkZ96UwOfBu5Fp:TouQq3qh7z3bY2LNW9WMcUvBuh
                                                                                                                                                                                                                                                                                                          MD5:B2C632864BCFE520069A4BB3DB221FB4
                                                                                                                                                                                                                                                                                                          SHA1:5013F433C113EAB9CC77560E2BE9232E9B85CE9C
                                                                                                                                                                                                                                                                                                          SHA-256:98CB61345B602CCEE1145D65C4BE1961C9821F86FF4B4FE20737479214202969
                                                                                                                                                                                                                                                                                                          SHA-512:EAF4342FCE4B70F1F4A8E9E382BCDD75B021CD277BB572173526290CD3D349A2EAB6ABDEE0C4E898EAF6050BC844977D7579C5A123E8599326C1B8DDC8427786
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j..........g.....8...n................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DashTrackerDatabase

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 5, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 5
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):10240
                                                                                                                                                                                                                                                                                                          Entropy (8bit):0.8708334089814068
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:12:LBtW4mqsmvEFUU30dZV3lY7+YNbr1dj3BzA2ycFUxOUDaazMvbKGxiTUwZ79GV:LLaqEt30J2NbDjfy6UOYMvbKGxjgm
                                                                                                                                                                                                                                                                                                          MD5:92F9F7F28AB4823C874D79EDF2F582DE
                                                                                                                                                                                                                                                                                                          SHA1:2D4F1B04C314C79D76B7FF3F50056ECA517C338B
                                                                                                                                                                                                                                                                                                          SHA-256:6318FCD9A092D1F5B30EBD9FB6AEC30B1AEBD241DC15FE1EEED3B501571DA3C7
                                                                                                                                                                                                                                                                                                          SHA-512:86FEF0E05F871A166C3FAB123B0A4B95870DCCECBE20B767AF4BDFD99653184BBBFE4CE1EDF17208B7700C969B65B8166EE264287B613641E7FDD55A6C09E6D4
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j...v... .. .....M....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):348
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.187718478666752
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:6:HoDZyq2P923oH+TcwtnG2tMsIFUt8YoD11Zmw+YoDjRkwO923oH+TcwtnG2tMsLJ:gZyv4Yebn9GFUt8LX/+LjR5LYebn95J
                                                                                                                                                                                                                                                                                                          MD5:D5EB2555C6CE07BD6B8D2B1A10AB5E46
                                                                                                                                                                                                                                                                                                          SHA1:863CE7CB8C25E96A5E48C0E0FABF05C8ACE7C59C
                                                                                                                                                                                                                                                                                                          SHA-256:ECE708245D65CBEF07AAA8E2CC1CFDE5CB8DC4A2D9E90144A977F768C418ABA6
                                                                                                                                                                                                                                                                                                          SHA-512:FAA01885F4211BD5562CDA7B7EA3CA117B64A1D29B39BD654A09B2A1B8DC5F67AC625F5FDA7EC123C6580D6198EBBB861EEE8C1D797B143728D996D435AB784E
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:2024/11/22-07:14:08.853 12e4 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons/coupons_data.db/MANIFEST-000001.2024/11/22-07:14:08.855 12e4 Recovering log #3.2024/11/22-07:14:08.855 12e4 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons/coupons_data.db/000003.log .

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG.old (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):348
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.187718478666752
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:6:HoDZyq2P923oH+TcwtnG2tMsIFUt8YoD11Zmw+YoDjRkwO923oH+TcwtnG2tMsLJ:gZyv4Yebn9GFUt8LX/+LjR5LYebn95J
                                                                                                                                                                                                                                                                                                          MD5:D5EB2555C6CE07BD6B8D2B1A10AB5E46
                                                                                                                                                                                                                                                                                                          SHA1:863CE7CB8C25E96A5E48C0E0FABF05C8ACE7C59C
                                                                                                                                                                                                                                                                                                          SHA-256:ECE708245D65CBEF07AAA8E2CC1CFDE5CB8DC4A2D9E90144A977F768C418ABA6
                                                                                                                                                                                                                                                                                                          SHA-512:FAA01885F4211BD5562CDA7B7EA3CA117B64A1D29B39BD654A09B2A1B8DC5F67AC625F5FDA7EC123C6580D6198EBBB861EEE8C1D797B143728D996D435AB784E
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:2024/11/22-07:14:08.853 12e4 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons/coupons_data.db/MANIFEST-000001.2024/11/22-07:14:08.855 12e4 Recovering log #3.2024/11/22-07:14:08.855 12e4 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons/coupons_data.db/000003.log .

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG.old~RF41152.TMP (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):348
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.187718478666752
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:6:HoDZyq2P923oH+TcwtnG2tMsIFUt8YoD11Zmw+YoDjRkwO923oH+TcwtnG2tMsLJ:gZyv4Yebn9GFUt8LX/+LjR5LYebn95J
                                                                                                                                                                                                                                                                                                          MD5:D5EB2555C6CE07BD6B8D2B1A10AB5E46
                                                                                                                                                                                                                                                                                                          SHA1:863CE7CB8C25E96A5E48C0E0FABF05C8ACE7C59C
                                                                                                                                                                                                                                                                                                          SHA-256:ECE708245D65CBEF07AAA8E2CC1CFDE5CB8DC4A2D9E90144A977F768C418ABA6
                                                                                                                                                                                                                                                                                                          SHA-512:FAA01885F4211BD5562CDA7B7EA3CA117B64A1D29B39BD654A09B2A1B8DC5F67AC625F5FDA7EC123C6580D6198EBBB861EEE8C1D797B143728D996D435AB784E
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:2024/11/22-07:14:08.853 12e4 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons/coupons_data.db/MANIFEST-000001.2024/11/22-07:14:08.855 12e4 Recovering log #3.2024/11/22-07:14:08.855 12e4 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons/coupons_data.db/000003.log .

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG.old~RF42c6b.TMP (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):348
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.187718478666752
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:6:HoDZyq2P923oH+TcwtnG2tMsIFUt8YoD11Zmw+YoDjRkwO923oH+TcwtnG2tMsLJ:gZyv4Yebn9GFUt8LX/+LjR5LYebn95J
                                                                                                                                                                                                                                                                                                          MD5:D5EB2555C6CE07BD6B8D2B1A10AB5E46
                                                                                                                                                                                                                                                                                                          SHA1:863CE7CB8C25E96A5E48C0E0FABF05C8ACE7C59C
                                                                                                                                                                                                                                                                                                          SHA-256:ECE708245D65CBEF07AAA8E2CC1CFDE5CB8DC4A2D9E90144A977F768C418ABA6
                                                                                                                                                                                                                                                                                                          SHA-512:FAA01885F4211BD5562CDA7B7EA3CA117B64A1D29B39BD654A09B2A1B8DC5F67AC625F5FDA7EC123C6580D6198EBBB861EEE8C1D797B143728D996D435AB784E
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:2024/11/22-07:14:08.853 12e4 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons/coupons_data.db/MANIFEST-000001.2024/11/22-07:14:08.855 12e4 Recovering log #3.2024/11/22-07:14:08.855 12e4 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons/coupons_data.db/000003.log .

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeHubAppUsage\EdgeHubAppUsageSQLite.db

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 6
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):20480
                                                                                                                                                                                                                                                                                                          Entropy (8bit):0.612086579064604
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:12:TLs9pRSJDBJuqJSEDNvrWjJQ9Dl9np59yDLgHFUxOUDaaTXubHa7mWnI6OhCMAqD:TLapR+DDNzWjJ0npnyXKUO8+j2p0emL
                                                                                                                                                                                                                                                                                                          MD5:1D7ED7F92FCDD93E7066BDB5825B0A99
                                                                                                                                                                                                                                                                                                          SHA1:720132F5879727562759568B631C724D51CD1AED
                                                                                                                                                                                                                                                                                                          SHA-256:DBA90DEE2C7CB805040F98DA955619EB30A363843E84BACD9B494594DD4EA027
                                                                                                                                                                                                                                                                                                          SHA-512:50142928C1626810E408146D22F61BBA452FF63D0B773D68BEBBC243B8B89F39439EA754496D856FBDD39B9B465FE879D0B125BFEE0DA6131B4B27619196E612
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j...%.................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\000001.dbtmp

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):16
                                                                                                                                                                                                                                                                                                          Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                                          MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                                          SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                                          SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                                          SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\000003.log

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                                          Category:modified
                                                                                                                                                                                                                                                                                                          Size (bytes):375520
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.354099558435347
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:6144:BA/imBpx6WdPSxKWcHu5MURacq49QxxPnyEndBuHltBfdK5WNbsVEziP/CfXtLPz:BFdMyq49tEndBuHltBfdK5WNbsVEziPU
                                                                                                                                                                                                                                                                                                          MD5:FD56759283A7AACC427973F7465DDF8A
                                                                                                                                                                                                                                                                                                          SHA1:5B10019592C1350605483CDD9B3ACE7D6DD5998E
                                                                                                                                                                                                                                                                                                          SHA-256:6A0EC9EB4E1E9DA34786872F01E84C0F49BDEA94F823A23B18A86AD0F67448C0
                                                                                                                                                                                                                                                                                                          SHA-512:329D0F2FDA40E355B71DAE324BE50EFC508994D54BD9EA083F490F696F5A9551BC619768BAEE4E5423227CAF4B710F86E019997997C55C3DDCD677A9FCA3CC03
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:...m.................DB_VERSION.1e.t.q...............&QUERY_TIMESTAMP:domains_config_gz2.*.*.13376751257274689..QUERY:domains_config_gz2.*.*..[{"name":"domains_config_gz","url":"https://edgeassetservice.azureedge.net/assets/domains_config_gz/2.8.76/asset?assetgroup=EntityExtractionDomainsConfig","version":{"major":2,"minor":8,"patch":76},"hash":"78Xsq/1H+MXv88uuTT1Rx79Nu2ryKVXh2J6ZzLZd38w=","size":374872}]..*.`~...............ASSET_VERSION:domains_config_gz.2.8.76..ASSET:domains_config_gz...{"config": {"token_limit": 1600, "page_cutoff": 4320, "default_locale_map": {"bg": "bg-bg", "bs": "bs-ba", "el": "el-gr", "en": "en-us", "es": "es-mx", "et": "et-ee", "cs": "cs-cz", "da": "da-dk", "de": "de-de", "fa": "fa-ir", "fi": "fi-fi", "fr": "fr-fr", "he": "he-il", "hr": "hr-hr", "hu": "hu-hu", "id": "id-id", "is": "is-is", "it": "it-it", "ja": "ja-jp", "ko": "ko-kr", "lv": "lv-lv", "lt": "lt-lt", "mk": "mk-mk", "nl": "nl-nl", "nb": "nb-no", "no": "no-no", "pl": "pl-pl", "pt": "pt-pt", "ro": "

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\CURRENT (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):16
                                                                                                                                                                                                                                                                                                          Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                                          MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                                          SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                                          SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                                          SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\LOG

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):311
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.187709239599188
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:6:Hoxs1923oH+Tcwtk2WwnvB2KLlVoIq2P923oH+Tcwtk2WwnvIFUv:YBYebkxwnvFLTv4YebkxwnQFUv
                                                                                                                                                                                                                                                                                                          MD5:5E128C5EAEBBDE8E80BC837907548C9A
                                                                                                                                                                                                                                                                                                          SHA1:96CC7186AD9C3E270B33B04F1E1D7EA9C6CEC842
                                                                                                                                                                                                                                                                                                          SHA-256:289954BDB78359052BF7CBEFB958454D6E6600C4ACF4198A56293947F0AA867F
                                                                                                                                                                                                                                                                                                          SHA-512:F90F399121441CD53B044EF2248040D8912EEB141F60016C5B5B9FE914C98441BC4AB1AC4464B9E9160CA4F61693708BA58F0AF91DEB3509C67BB43F1F2F2AF5
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:2024/11/22-07:14:13.789 1fb0 Creating DB C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtractionAssetStore.db since it was missing..2024/11/22-07:14:13.865 1fb0 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtractionAssetStore.db/MANIFEST-000001.

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\MANIFEST-000001

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:OpenPGP Secret Key
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):41
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.704993772857998
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                                                                                                                                                          MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                                                                                                                                                          SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                                                                                                                                                          SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                                                                                                                                                          SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:.|.."....leveldb.BytewiseComparator......

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\domains_config.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):358860
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.324612718529576
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:6144:CgimBVvUrsc6rRA81b/18jyJNjfvrfM6RH:C1gAg1zfvf
                                                                                                                                                                                                                                                                                                          MD5:3E02B6BDFC4033ADC199E35E66BAB1D7
                                                                                                                                                                                                                                                                                                          SHA1:6E1ABE22596763625290C8FAC9AF7224E97F08B3
                                                                                                                                                                                                                                                                                                          SHA-256:E6823B57DAC39B9B954259A8062E91354148CFB5606457EC1FC6D25CD9C3E710
                                                                                                                                                                                                                                                                                                          SHA-512:5E9F5F6DB892063E09C5DB050ADEA23D2B5E0599D67F674C2A4F5DF3FC21708E6BED3476BA938F01B361222E6A3F3BB81D53EAE097C7F3AAC8CA43BE31AF53C5
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{"aee_config":{"ar":{"price_regex":{"ae":"(((ae|aed|\\x{062F}\\x{0660}\\x{0625}\\x{0660}|\\x{062F}\\.\\x{0625}|dhs|dh)\\s*\\d{1,3})|(\\d{1,3}\\s*(ae|aed|\\x{062F}\\x{0660}\\x{0625}\\x{0660}|\\x{062F}\\.\\x{0625}|dhs|dh)))","dz":"(((dzd|da|\\x{062F}\\x{062C})\\s*\\d{1,3})|(\\d{1,3}\\s*(dzd|da|\\x{062F}\\x{062C})))","eg":"(((e\\x{00a3}|egp)\\s*\\d{1,3})|(\\d{1,3}\\s*(e\\x{00a3}|egp)))","ma":"(((mad|dhs|dh)\\s*\\d{1,3})|(\\d{1,3}\\s*(mad|dhs|dh)))","sa":"((\\d{1,3}\\s*(sar\\s*\\x{fdfc}|sar|sr|\\x{fdfc}|\\.\\x{0631}\\.\\x{0633}))|((sar\\s*\\x{fdfc}|sar|sr|\\x{fdfc}|\\.\\x{0631}\\.\\x{0633})\\s*\\d{1,3}))"},"product_terms":"((\\x{0623}\\x{0636}\\x{0641}\\s*\\x{0625}\\x{0644}\\x{0649}\\s*\\x{0627}\\x{0644}\\x{0639}\\x{0631}\\x{0628}\\x{0629})|(\\x{0623}\\x{0636}\\x{0641}\\s*\\x{0625}\\x{0644}\\x{0649}\\s*\\x{0627}\\x{0644}\\x{062D}\\x{0642}\\x{064A}\\x{0628}\\x{0629})|(\\x{0627}\\x{0634}\\x{062A}\\x{0631}\\x{064A}\\s*\\x{0627}\\x{0644}\\x{0622}\\x{0646})|(\\x{062E}\\x{064A}\\x{0627}\\x{0631}

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\000003.log

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):760
                                                                                                                                                                                                                                                                                                          Entropy (8bit):1.8784775129881184
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:12:qWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWW:
                                                                                                                                                                                                                                                                                                          MD5:6340A67001EEC7E9085E77B313707DF9
                                                                                                                                                                                                                                                                                                          SHA1:EDF70D32FBFE278ACFCBB4CA3E6B077427AEDAF4
                                                                                                                                                                                                                                                                                                          SHA-256:8F6FA11DED3DCD00867B3ACCFC809F3C875693CCDB99E03C7458D125103EB75C
                                                                                                                                                                                                                                                                                                          SHA-512:071FB8F3FD4C4F519534E5572AE022CD1A868B9120B4E930378CCD435302896B1AFBB07BB20C28FEF4C4E2E4272C723A3164F298A4922D8B2275C871160985C5
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:.f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5...............

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\LOG

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):321
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.1812354104186245
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:6:HoDwM+q2P923oH+Tcwt8aPrqIFUt8YoDU6Zmw+YoD68lMVkwO923oH+Tcwt8amLJ:gwM+v4YebL3FUt8L5/+LJlMV5LYebQJ
                                                                                                                                                                                                                                                                                                          MD5:6D18FE7E597D7B430599675A122816D4
                                                                                                                                                                                                                                                                                                          SHA1:98F5F068DE301995B8DDD962FCA8695C6FF38E3D
                                                                                                                                                                                                                                                                                                          SHA-256:6C70ECD966052D0DD947BE6030CFB866B11AD7D4E56774865126A32A483CF4F3
                                                                                                                                                                                                                                                                                                          SHA-512:E3326E3D68F597F78617B9E309C7480BAA97667C2C33286B293008D87D7FCEA535E72EA0A5094033505490DFAA8606D9D155474B21D33F861BA7D3086945A8C2
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:2024/11/22-07:14:08.855 c6c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules/MANIFEST-000001.2024/11/22-07:14:08.882 c6c Recovering log #3.2024/11/22-07:14:08.887 c6c Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules/000003.log .

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\LOG.old (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):321
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.1812354104186245
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:6:HoDwM+q2P923oH+Tcwt8aPrqIFUt8YoDU6Zmw+YoD68lMVkwO923oH+Tcwt8amLJ:gwM+v4YebL3FUt8L5/+LJlMV5LYebQJ
                                                                                                                                                                                                                                                                                                          MD5:6D18FE7E597D7B430599675A122816D4
                                                                                                                                                                                                                                                                                                          SHA1:98F5F068DE301995B8DDD962FCA8695C6FF38E3D
                                                                                                                                                                                                                                                                                                          SHA-256:6C70ECD966052D0DD947BE6030CFB866B11AD7D4E56774865126A32A483CF4F3
                                                                                                                                                                                                                                                                                                          SHA-512:E3326E3D68F597F78617B9E309C7480BAA97667C2C33286B293008D87D7FCEA535E72EA0A5094033505490DFAA8606D9D155474B21D33F861BA7D3086945A8C2
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:2024/11/22-07:14:08.855 c6c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules/MANIFEST-000001.2024/11/22-07:14:08.882 c6c Recovering log #3.2024/11/22-07:14:08.887 c6c Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules/000003.log .

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\LOG.old~RF411de.TMP (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):321
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.1812354104186245
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:6:HoDwM+q2P923oH+Tcwt8aPrqIFUt8YoDU6Zmw+YoD68lMVkwO923oH+Tcwt8amLJ:gwM+v4YebL3FUt8L5/+LJlMV5LYebQJ
                                                                                                                                                                                                                                                                                                          MD5:6D18FE7E597D7B430599675A122816D4
                                                                                                                                                                                                                                                                                                          SHA1:98F5F068DE301995B8DDD962FCA8695C6FF38E3D
                                                                                                                                                                                                                                                                                                          SHA-256:6C70ECD966052D0DD947BE6030CFB866B11AD7D4E56774865126A32A483CF4F3
                                                                                                                                                                                                                                                                                                          SHA-512:E3326E3D68F597F78617B9E309C7480BAA97667C2C33286B293008D87D7FCEA535E72EA0A5094033505490DFAA8606D9D155474B21D33F861BA7D3086945A8C2
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:2024/11/22-07:14:08.855 c6c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules/MANIFEST-000001.2024/11/22-07:14:08.882 c6c Recovering log #3.2024/11/22-07:14:08.887 c6c Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules/000003.log .

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\LOG.old~RF42c6b.TMP (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):321
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.1812354104186245
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:6:HoDwM+q2P923oH+Tcwt8aPrqIFUt8YoDU6Zmw+YoD68lMVkwO923oH+Tcwt8amLJ:gwM+v4YebL3FUt8L5/+LJlMV5LYebQJ
                                                                                                                                                                                                                                                                                                          MD5:6D18FE7E597D7B430599675A122816D4
                                                                                                                                                                                                                                                                                                          SHA1:98F5F068DE301995B8DDD962FCA8695C6FF38E3D
                                                                                                                                                                                                                                                                                                          SHA-256:6C70ECD966052D0DD947BE6030CFB866B11AD7D4E56774865126A32A483CF4F3
                                                                                                                                                                                                                                                                                                          SHA-512:E3326E3D68F597F78617B9E309C7480BAA97667C2C33286B293008D87D7FCEA535E72EA0A5094033505490DFAA8606D9D155474B21D33F861BA7D3086945A8C2
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:2024/11/22-07:14:08.855 c6c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules/MANIFEST-000001.2024/11/22-07:14:08.882 c6c Recovering log #3.2024/11/22-07:14:08.887 c6c Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules/000003.log .

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\000003.log

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):760
                                                                                                                                                                                                                                                                                                          Entropy (8bit):1.8784775129881184
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:12:qWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWW:
                                                                                                                                                                                                                                                                                                          MD5:6340A67001EEC7E9085E77B313707DF9
                                                                                                                                                                                                                                                                                                          SHA1:EDF70D32FBFE278ACFCBB4CA3E6B077427AEDAF4
                                                                                                                                                                                                                                                                                                          SHA-256:8F6FA11DED3DCD00867B3ACCFC809F3C875693CCDB99E03C7458D125103EB75C
                                                                                                                                                                                                                                                                                                          SHA-512:071FB8F3FD4C4F519534E5572AE022CD1A868B9120B4E930378CCD435302896B1AFBB07BB20C28FEF4C4E2E4272C723A3164F298A4922D8B2275C871160985C5
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:.f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5...............

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\LOG

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):325
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.203523088438126
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:6:HoDAM+q2P923oH+Tcwt865IFUt8YoDFmZmw+YoDFpMVkwO923oH+Tcwt86+ULJ:gAM+v4Yeb/WFUt8Lo/+LLMV5LYeb/+SJ
                                                                                                                                                                                                                                                                                                          MD5:CAA4CCD793E9F24C053649513A1893FE
                                                                                                                                                                                                                                                                                                          SHA1:5E0114FC8D2E9E3B84F9D4ACADF7147B7BBFF3BC
                                                                                                                                                                                                                                                                                                          SHA-256:E7834768C92B259D90F21DF7F22B9405CE44E4F9B5D48B35925B09D49D326B0F
                                                                                                                                                                                                                                                                                                          SHA-512:F7074CA4B289CA34777AA6748247A749FFB788E2DDC999809ECF1FA270492508A8E93354918C026522F528D3E4C68877721CEFBB60279E6968991497F07B4ED8
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:2024/11/22-07:14:08.936 c6c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts/MANIFEST-000001.2024/11/22-07:14:08.937 c6c Recovering log #3.2024/11/22-07:14:08.937 c6c Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts/000003.log .

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\LOG.old (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):325
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.203523088438126
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:6:HoDAM+q2P923oH+Tcwt865IFUt8YoDFmZmw+YoDFpMVkwO923oH+Tcwt86+ULJ:gAM+v4Yeb/WFUt8Lo/+LLMV5LYeb/+SJ
                                                                                                                                                                                                                                                                                                          MD5:CAA4CCD793E9F24C053649513A1893FE
                                                                                                                                                                                                                                                                                                          SHA1:5E0114FC8D2E9E3B84F9D4ACADF7147B7BBFF3BC
                                                                                                                                                                                                                                                                                                          SHA-256:E7834768C92B259D90F21DF7F22B9405CE44E4F9B5D48B35925B09D49D326B0F
                                                                                                                                                                                                                                                                                                          SHA-512:F7074CA4B289CA34777AA6748247A749FFB788E2DDC999809ECF1FA270492508A8E93354918C026522F528D3E4C68877721CEFBB60279E6968991497F07B4ED8
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:2024/11/22-07:14:08.936 c6c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts/MANIFEST-000001.2024/11/22-07:14:08.937 c6c Recovering log #3.2024/11/22-07:14:08.937 c6c Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts/000003.log .

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\LOG.old~RF411ee.TMP (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):325
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.203523088438126
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:6:HoDAM+q2P923oH+Tcwt865IFUt8YoDFmZmw+YoDFpMVkwO923oH+Tcwt86+ULJ:gAM+v4Yeb/WFUt8Lo/+LLMV5LYeb/+SJ
                                                                                                                                                                                                                                                                                                          MD5:CAA4CCD793E9F24C053649513A1893FE
                                                                                                                                                                                                                                                                                                          SHA1:5E0114FC8D2E9E3B84F9D4ACADF7147B7BBFF3BC
                                                                                                                                                                                                                                                                                                          SHA-256:E7834768C92B259D90F21DF7F22B9405CE44E4F9B5D48B35925B09D49D326B0F
                                                                                                                                                                                                                                                                                                          SHA-512:F7074CA4B289CA34777AA6748247A749FFB788E2DDC999809ECF1FA270492508A8E93354918C026522F528D3E4C68877721CEFBB60279E6968991497F07B4ED8
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:2024/11/22-07:14:08.936 c6c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts/MANIFEST-000001.2024/11/22-07:14:08.937 c6c Recovering log #3.2024/11/22-07:14:08.937 c6c Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts/000003.log .

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\LOG.old~RF42cc9.TMP (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):325
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.203523088438126
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:6:HoDAM+q2P923oH+Tcwt865IFUt8YoDFmZmw+YoDFpMVkwO923oH+Tcwt86+ULJ:gAM+v4Yeb/WFUt8Lo/+LLMV5LYeb/+SJ
                                                                                                                                                                                                                                                                                                          MD5:CAA4CCD793E9F24C053649513A1893FE
                                                                                                                                                                                                                                                                                                          SHA1:5E0114FC8D2E9E3B84F9D4ACADF7147B7BBFF3BC
                                                                                                                                                                                                                                                                                                          SHA-256:E7834768C92B259D90F21DF7F22B9405CE44E4F9B5D48B35925B09D49D326B0F
                                                                                                                                                                                                                                                                                                          SHA-512:F7074CA4B289CA34777AA6748247A749FFB788E2DDC999809ECF1FA270492508A8E93354918C026522F528D3E4C68877721CEFBB60279E6968991497F07B4ED8
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:2024/11/22-07:14:08.936 c6c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts/MANIFEST-000001.2024/11/22-07:14:08.937 c6c Recovering log #3.2024/11/22-07:14:08.937 c6c Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts/000003.log .

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\000003.log

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):2280
                                                                                                                                                                                                                                                                                                          Entropy (8bit):1.8784775129881184
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:12:qWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWO:
                                                                                                                                                                                                                                                                                                          MD5:51604F2FACC34A6F30EC7DB0A1274B46
                                                                                                                                                                                                                                                                                                          SHA1:ED599BE3A817522D8E475FEE04B7C299611ADF29
                                                                                                                                                                                                                                                                                                          SHA-256:73784B2B7979D5AA56E0377317D58A3872D4087E83BDC80855941490C1749F2E
                                                                                                                                                                                                                                                                                                          SHA-512:25188ADBE44A1238E49FAB0B775F71066875A4305E0FB8B1F3942EB1DB298C63A6FE9BF89B48DB45AE6B8CD9F107D7B3DD1EC9E55937B6284625C68F32852230
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:.f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5........

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):324
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.120088131609238
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:6:Holgyq2P923oH+Tcwt8NIFUt8Yop11Zmw+YopjRkwO923oH+Tcwt8+eLJ:Zyv4YebpFUt8d/+JR5LYebqJ
                                                                                                                                                                                                                                                                                                          MD5:18DCBC00879C8E5C5311E4BE45EBB51A
                                                                                                                                                                                                                                                                                                          SHA1:12DCE2CBC6A77E87DE1CF1737AF37C347F5B287A
                                                                                                                                                                                                                                                                                                          SHA-256:D04B6FE6C308FB5AEF01FBAA3BA37BA69BCF30E28F87BEE9DDA028857B1CA0B7
                                                                                                                                                                                                                                                                                                          SHA-512:A9B331E90D4B07D25EEF22C9FD15CA9BB37F94CB25A874ECD57DCFC830E32F8D17F86845A11373D3DBD7E0E101467C6382D6E011D9D1CFFF33A8EA94572CD055
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:2024/11/22-07:14:09.606 12e4 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State/MANIFEST-000001.2024/11/22-07:14:09.607 12e4 Recovering log #3.2024/11/22-07:14:09.607 12e4 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State/000003.log .

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG.old (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):324
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.120088131609238
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:6:Holgyq2P923oH+Tcwt8NIFUt8Yop11Zmw+YopjRkwO923oH+Tcwt8+eLJ:Zyv4YebpFUt8d/+JR5LYebqJ
                                                                                                                                                                                                                                                                                                          MD5:18DCBC00879C8E5C5311E4BE45EBB51A
                                                                                                                                                                                                                                                                                                          SHA1:12DCE2CBC6A77E87DE1CF1737AF37C347F5B287A
                                                                                                                                                                                                                                                                                                          SHA-256:D04B6FE6C308FB5AEF01FBAA3BA37BA69BCF30E28F87BEE9DDA028857B1CA0B7
                                                                                                                                                                                                                                                                                                          SHA-512:A9B331E90D4B07D25EEF22C9FD15CA9BB37F94CB25A874ECD57DCFC830E32F8D17F86845A11373D3DBD7E0E101467C6382D6E011D9D1CFFF33A8EA94572CD055
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:2024/11/22-07:14:09.606 12e4 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State/MANIFEST-000001.2024/11/22-07:14:09.607 12e4 Recovering log #3.2024/11/22-07:14:09.607 12e4 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State/000003.log .

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG.old~RF4144f.TMP (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):324
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.120088131609238
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:6:Holgyq2P923oH+Tcwt8NIFUt8Yop11Zmw+YopjRkwO923oH+Tcwt8+eLJ:Zyv4YebpFUt8d/+JR5LYebqJ
                                                                                                                                                                                                                                                                                                          MD5:18DCBC00879C8E5C5311E4BE45EBB51A
                                                                                                                                                                                                                                                                                                          SHA1:12DCE2CBC6A77E87DE1CF1737AF37C347F5B287A
                                                                                                                                                                                                                                                                                                          SHA-256:D04B6FE6C308FB5AEF01FBAA3BA37BA69BCF30E28F87BEE9DDA028857B1CA0B7
                                                                                                                                                                                                                                                                                                          SHA-512:A9B331E90D4B07D25EEF22C9FD15CA9BB37F94CB25A874ECD57DCFC830E32F8D17F86845A11373D3DBD7E0E101467C6382D6E011D9D1CFFF33A8EA94572CD055
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:2024/11/22-07:14:09.606 12e4 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State/MANIFEST-000001.2024/11/22-07:14:09.607 12e4 Recovering log #3.2024/11/22-07:14:09.607 12e4 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State/000003.log .

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG.old~RF42f69.TMP (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):324
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.120088131609238
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:6:Holgyq2P923oH+Tcwt8NIFUt8Yop11Zmw+YopjRkwO923oH+Tcwt8+eLJ:Zyv4YebpFUt8d/+JR5LYebqJ
                                                                                                                                                                                                                                                                                                          MD5:18DCBC00879C8E5C5311E4BE45EBB51A
                                                                                                                                                                                                                                                                                                          SHA1:12DCE2CBC6A77E87DE1CF1737AF37C347F5B287A
                                                                                                                                                                                                                                                                                                          SHA-256:D04B6FE6C308FB5AEF01FBAA3BA37BA69BCF30E28F87BEE9DDA028857B1CA0B7
                                                                                                                                                                                                                                                                                                          SHA-512:A9B331E90D4B07D25EEF22C9FD15CA9BB37F94CB25A874ECD57DCFC830E32F8D17F86845A11373D3DBD7E0E101467C6382D6E011D9D1CFFF33A8EA94572CD055
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:2024/11/22-07:14:09.606 12e4 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State/MANIFEST-000001.2024/11/22-07:14:09.607 12e4 Recovering log #3.2024/11/22-07:14:09.607 12e4 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State/000003.log .

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha\1.2.1_0\_metadata\computed_hashes.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):429
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.809210454117189
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:6:Y8U0vEjrAWT0VAUD9lpMXO4SrqiweVHUSENjrAWT0HQQ9/LZyVMQ3xqiweVHlrSQ:Y8U5j0pqCjJA7tNj0pHx/LZ4hcdQ
                                                                                                                                                                                                                                                                                                          MD5:5D1D9020CCEFD76CA661902E0C229087
                                                                                                                                                                                                                                                                                                          SHA1:DCF2AA4A1C626EC7FFD9ABD284D29B269D78FCB6
                                                                                                                                                                                                                                                                                                          SHA-256:B829B0DF7E3F2391BFBA70090EB4CE2BA6A978CCD665EEBF1073849BDD4B8FB9
                                                                                                                                                                                                                                                                                                          SHA-512:5F6E72720E64A7AC19F191F0179992745D5136D41DCDC13C5C3C2E35A71EB227570BD47C7B376658EF670B75929ABEEBD8EF470D1E24B595A11D320EC1479E3C
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{"file_hashes":[{"block_hashes":["OdZL4YFLwCTKbdslekC6/+U9KTtDUk+T+nnpVOeRzUc=","6RbL+qKART8FehO4s7U0u67iEI8/jaN+8Kg3kII+uy4=","CuN6+RcZAysZCfrzCZ8KdWDkQqyaIstSrcmsZ/c2MVs="],"block_size":4096,"path":"content.js"},{"block_hashes":["OdZL4YFLwCTKbdslekC6/+U9KTtDUk+T+nnpVOeRzUc=","UL53sQ5hOhAmII/Yx6muXikzahxM+k5gEmVOh7xJ3Rw=","u6MdmVNzBUfDzMwv2LEJ6pXR8k0nnvpYRwOL8aApwP8="],"block_size":4096,"path":"content_new.js"}],"version":2}

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\HubApps (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (1597), with CRLF line terminators
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):115717
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.183660917461099
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:1536:utDURN77GZqW3v6PD/469IxVBmB22q7LRks3swn0:utAaE2Jt0
                                                                                                                                                                                                                                                                                                          MD5:3D8183370B5E2A9D11D43EBEF474B305
                                                                                                                                                                                                                                                                                                          SHA1:155AB0A46E019E834FA556F3D818399BFF02162B
                                                                                                                                                                                                                                                                                                          SHA-256:6A30BADAD93601FC8987B8239D8907BCBE65E8F1993E4D045D91A77338A2A5B4
                                                                                                                                                                                                                                                                                                          SHA-512:B7AD04F10CD5DE147BDBBE2D642B18E9ECB2D39851BE1286FDC65FF83985EA30278C95263C98999B6D94683AE1DB86436877C30A40992ACA1743097A2526FE81
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{.. "current_locale": "en-GB",.. "hub_apps": [ {.. "auto_show": {.. "enabled": true,.. "fre_notification": {.. "enabled": true,.. "header": "Was opening this pane helpful to you?",.. "show_count": 2,.. "text": "Was opening this pane helpful to you?".. },.. "settings_description": "We'll automatically open Bing Chat in the sidebar to show you relevant web experiences alongside your web content",.. "settings_title": "Automatically open Bing Chat in the sidebar",.. "triggering_configs|flight:msHubAppsMsnArticleAutoShowTriggering": [ {.. "show_count_basis": "signal",.. "signal_name": "IsMsnArticleAutoOpenFromP1P2",.. "signal_threshold": 0.5.. } ],.. "triggering_configs|flight:msUndersidePersistentChat": [ {.. "signal_name": "IsUndersidePersistentChatLink",.. "signal_threshold": 0.5.. } ],.. "triggering_co

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\HubApps Icons

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 11, cookie 0x3, schema 4, UTF-8, version-valid-for 6
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):45056
                                                                                                                                                                                                                                                                                                          Entropy (8bit):3.548618041766687
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:384:jj9P08qcSQkQeryP/KbtEgam6Ighw773pL4RKToaAu:jdv9Se2yP/UwO72RKcC
                                                                                                                                                                                                                                                                                                          MD5:7620419D4AF7111EF696E8CE538BAA96
                                                                                                                                                                                                                                                                                                          SHA1:C4046742AD56AE2EB5863BB8915737278DBA8D26
                                                                                                                                                                                                                                                                                                          SHA-256:64243E7A28D41D1F7A86F075F181628C797AE1945649FE0FAC6F3B3150261C4E
                                                                                                                                                                                                                                                                                                          SHA-512:78D2EF1C710B958B196F16B59357AFAB47594D9FF37C174645EDF071A74FE9963A02FA88FDBEEA6FB671AB4A27FB619B413C8CBEF733569220D037379446CF79
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j..........g...:.8....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                          Category:modified
                                                                                                                                                                                                                                                                                                          Size (bytes):405
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.237707388230628
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:12:MSVv4Yeb8rcHEZrELFUt8lSg/+9I5LYeb8rcHEZrEZSJ:f54Yeb8nZrExg8oHSLYeb8nZrEZe
                                                                                                                                                                                                                                                                                                          MD5:918CAB0BE770ED15448F5C73F3B3DB4F
                                                                                                                                                                                                                                                                                                          SHA1:2115E026651306B106021EBAC74ABA031B58D14F
                                                                                                                                                                                                                                                                                                          SHA-256:659431B5F4EEA4A0893E82287B769EB3302F44F6A4402571380BBB0442402828
                                                                                                                                                                                                                                                                                                          SHA-512:2B8425E12EA88E904F0B380B25DE3B667B2EC02A5519191BF4690D24D18238815DC2D243D94CC24B3F361FB0904B71E2FE85472EE199595B52D4EC9734860E3E
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:2024/11/22-07:14:11.025 434 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold/MANIFEST-000001.2024/11/22-07:14:11.025 434 Recovering log #3.2024/11/22-07:14:11.026 434 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold/000003.log .

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG.old (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):405
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.237707388230628
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:12:MSVv4Yeb8rcHEZrELFUt8lSg/+9I5LYeb8rcHEZrEZSJ:f54Yeb8nZrExg8oHSLYeb8nZrEZe
                                                                                                                                                                                                                                                                                                          MD5:918CAB0BE770ED15448F5C73F3B3DB4F
                                                                                                                                                                                                                                                                                                          SHA1:2115E026651306B106021EBAC74ABA031B58D14F
                                                                                                                                                                                                                                                                                                          SHA-256:659431B5F4EEA4A0893E82287B769EB3302F44F6A4402571380BBB0442402828
                                                                                                                                                                                                                                                                                                          SHA-512:2B8425E12EA88E904F0B380B25DE3B667B2EC02A5519191BF4690D24D18238815DC2D243D94CC24B3F361FB0904B71E2FE85472EE199595B52D4EC9734860E3E
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:2024/11/22-07:14:11.025 434 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold/MANIFEST-000001.2024/11/22-07:14:11.025 434 Recovering log #3.2024/11/22-07:14:11.026 434 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold/000003.log .

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG.old~RF4173d.TMP (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):405
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.237707388230628
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:12:MSVv4Yeb8rcHEZrELFUt8lSg/+9I5LYeb8rcHEZrEZSJ:f54Yeb8nZrExg8oHSLYeb8nZrEZe
                                                                                                                                                                                                                                                                                                          MD5:918CAB0BE770ED15448F5C73F3B3DB4F
                                                                                                                                                                                                                                                                                                          SHA1:2115E026651306B106021EBAC74ABA031B58D14F
                                                                                                                                                                                                                                                                                                          SHA-256:659431B5F4EEA4A0893E82287B769EB3302F44F6A4402571380BBB0442402828
                                                                                                                                                                                                                                                                                                          SHA-512:2B8425E12EA88E904F0B380B25DE3B667B2EC02A5519191BF4690D24D18238815DC2D243D94CC24B3F361FB0904B71E2FE85472EE199595B52D4EC9734860E3E
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:2024/11/22-07:14:11.025 434 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold/MANIFEST-000001.2024/11/22-07:14:11.025 434 Recovering log #3.2024/11/22-07:14:11.026 434 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold/000003.log .

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG.old~RF434f7.TMP (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):405
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.237707388230628
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:12:MSVv4Yeb8rcHEZrELFUt8lSg/+9I5LYeb8rcHEZrEZSJ:f54Yeb8nZrExg8oHSLYeb8nZrEZe
                                                                                                                                                                                                                                                                                                          MD5:918CAB0BE770ED15448F5C73F3B3DB4F
                                                                                                                                                                                                                                                                                                          SHA1:2115E026651306B106021EBAC74ABA031B58D14F
                                                                                                                                                                                                                                                                                                          SHA-256:659431B5F4EEA4A0893E82287B769EB3302F44F6A4402571380BBB0442402828
                                                                                                                                                                                                                                                                                                          SHA-512:2B8425E12EA88E904F0B380B25DE3B667B2EC02A5519191BF4690D24D18238815DC2D243D94CC24B3F361FB0904B71E2FE85472EE199595B52D4EC9734860E3E
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:2024/11/22-07:14:11.025 434 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold/MANIFEST-000001.2024/11/22-07:14:11.025 434 Recovering log #3.2024/11/22-07:14:11.026 434 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold/000003.log .

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\000003.log

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):920
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.6106914595475414
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:12:295TlW1doYxOaPiw6+nvX6GYtuGGYMlpv14YOzHb6q0OSLlMRE8+RCgIeureF33S:2HZWPyw6cvXXViXZFWCLV0374gI6MyG
                                                                                                                                                                                                                                                                                                          MD5:1E1E5A4B5595E0D74649659150BEDC10
                                                                                                                                                                                                                                                                                                          SHA1:E607678DDCDFFE2D18F3855577A1232136D12B4B
                                                                                                                                                                                                                                                                                                          SHA-256:673532B0F426AFFCE9B1E7CFB31F6A46A53C8BEDB9FA210AA1950A0E97C8741B
                                                                                                                                                                                                                                                                                                          SHA-512:9EBD3B592B83DF0997C7CD476D479638B61F34793D73EE28B5CA90FA45423F5924F77B86D498CA23AD57C8F3E7E1A57DCA4DA01060BD7E5C23828931F0D2B3BA
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:..*..................VERSION.1..META:https://ntp.msn.com.............!_https://ntp.msn.com..LastKnownPV..1732277663905.._https://ntp.msn.com..MUID!.3116A657B59463FA2738B368B4F6621C.._https://ntp.msn.com..bkgdV...{"cachedVideoId":-1,"lastUpdatedTime":1732277663987,"schedule":[27,-1,14,-1,-1,21,-1],"scheduleFixed":[27,-1,14,-1,-1,21,-1],"simpleSchedule":[26,18,38,11,41,46,44]}.%_https://ntp.msn.com..clean_meta_flag..1.5_https://ntp.msn.com..enableUndersideAutoOpenFromEdge..false.7_https://ntp.msn.com..nurturing_interaction_trace_ls_id..1732277663858.&_https://ntp.msn.com..oneSvcUniTunMode..header."_https://ntp.msn.com..pageVersions..{"dhp":"20241121.408"}.*_https://ntp.msn.com..pivotSelectionSource..sticky.#_https://ntp.msn.com..selectedPivot..myFeed.#_https://ntp.msn.com..switchedPivot..myFeed.O_https://ntp.msn.com..Fri Nov 22 2024 07:14:23 GMT-0500 (Eastern Standard Time).!_https://ntp.msn.com..storageTest

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):336
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.167315227555262
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:6:HoOC9+q2P923oH+Tcwt8a2jMGIFUt8YoGl3JZmw+YonBX9VkwO923oH+Tcwt8a23:Dhv4Yeb8EFUt8+lZ/+/R5LYeb8bJ
                                                                                                                                                                                                                                                                                                          MD5:E6A7837737411114949F00CEB30BBF47
                                                                                                                                                                                                                                                                                                          SHA1:E40EBC9F07AEC4A090E1E69B174D1997D2D2EBAF
                                                                                                                                                                                                                                                                                                          SHA-256:0934623061E4CDF845685E88275C541B3E66927B9BF6B732CF936B44C1EC493D
                                                                                                                                                                                                                                                                                                          SHA-512:7C91474240B8ED0A35E8576EB69CB2BEBA4BC3388DFF332EB506EAF138A3679A10E56FAF2E50679557C0DDA8AC368DE6E9527930D4A16B802BBCFC62105149AE
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:2024/11/22-07:14:09.164 11d8 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb/MANIFEST-000001.2024/11/22-07:14:09.165 11d8 Recovering log #3.2024/11/22-07:14:09.168 11d8 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb/000003.log .

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG.old (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):336
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.167315227555262
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:6:HoOC9+q2P923oH+Tcwt8a2jMGIFUt8YoGl3JZmw+YonBX9VkwO923oH+Tcwt8a23:Dhv4Yeb8EFUt8+lZ/+/R5LYeb8bJ
                                                                                                                                                                                                                                                                                                          MD5:E6A7837737411114949F00CEB30BBF47
                                                                                                                                                                                                                                                                                                          SHA1:E40EBC9F07AEC4A090E1E69B174D1997D2D2EBAF
                                                                                                                                                                                                                                                                                                          SHA-256:0934623061E4CDF845685E88275C541B3E66927B9BF6B732CF936B44C1EC493D
                                                                                                                                                                                                                                                                                                          SHA-512:7C91474240B8ED0A35E8576EB69CB2BEBA4BC3388DFF332EB506EAF138A3679A10E56FAF2E50679557C0DDA8AC368DE6E9527930D4A16B802BBCFC62105149AE
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:2024/11/22-07:14:09.164 11d8 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb/MANIFEST-000001.2024/11/22-07:14:09.165 11d8 Recovering log #3.2024/11/22-07:14:09.168 11d8 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb/000003.log .

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG.old~RF412c9.TMP (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):336
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.167315227555262
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:6:HoOC9+q2P923oH+Tcwt8a2jMGIFUt8YoGl3JZmw+YonBX9VkwO923oH+Tcwt8a23:Dhv4Yeb8EFUt8+lZ/+/R5LYeb8bJ
                                                                                                                                                                                                                                                                                                          MD5:E6A7837737411114949F00CEB30BBF47
                                                                                                                                                                                                                                                                                                          SHA1:E40EBC9F07AEC4A090E1E69B174D1997D2D2EBAF
                                                                                                                                                                                                                                                                                                          SHA-256:0934623061E4CDF845685E88275C541B3E66927B9BF6B732CF936B44C1EC493D
                                                                                                                                                                                                                                                                                                          SHA-512:7C91474240B8ED0A35E8576EB69CB2BEBA4BC3388DFF332EB506EAF138A3679A10E56FAF2E50679557C0DDA8AC368DE6E9527930D4A16B802BBCFC62105149AE
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:2024/11/22-07:14:09.164 11d8 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb/MANIFEST-000001.2024/11/22-07:14:09.165 11d8 Recovering log #3.2024/11/22-07:14:09.168 11d8 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb/000003.log .

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG.old~RF42da4.TMP (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):336
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.167315227555262
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:6:HoOC9+q2P923oH+Tcwt8a2jMGIFUt8YoGl3JZmw+YonBX9VkwO923oH+Tcwt8a23:Dhv4Yeb8EFUt8+lZ/+/R5LYeb8bJ
                                                                                                                                                                                                                                                                                                          MD5:E6A7837737411114949F00CEB30BBF47
                                                                                                                                                                                                                                                                                                          SHA1:E40EBC9F07AEC4A090E1E69B174D1997D2D2EBAF
                                                                                                                                                                                                                                                                                                          SHA-256:0934623061E4CDF845685E88275C541B3E66927B9BF6B732CF936B44C1EC493D
                                                                                                                                                                                                                                                                                                          SHA-512:7C91474240B8ED0A35E8576EB69CB2BEBA4BC3388DFF332EB506EAF138A3679A10E56FAF2E50679557C0DDA8AC368DE6E9527930D4A16B802BBCFC62105149AE
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:2024/11/22-07:14:09.164 11d8 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb/MANIFEST-000001.2024/11/22-07:14:09.165 11d8 Recovering log #3.2024/11/22-07:14:09.168 11d8 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb/000003.log .

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\11bf5a55-9ea1-4d26-b5f1-d733e846e725.tmp

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):2
                                                                                                                                                                                                                                                                                                          Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                          MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                          SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                          SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                          SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:[]

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\2ef179b0-42a9-4f9e-bada-eb730f42c5fa.tmp

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):2
                                                                                                                                                                                                                                                                                                          Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                          MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                          SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                          SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                          SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:[]

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\803b84a0-0d10-46ce-9462-2ded468e052c.tmp

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):1419
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.336110615415376
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:24:YXsJZVMdmRdsBjZFRudFGRw6ma3yeesRds1yZFGJ/I3w6C1E6maPsQYhbxP7np+:YXs/tsbfc7leeEscgCgakhYhbx9+
                                                                                                                                                                                                                                                                                                          MD5:7D870539B6C4EE40FA5CFD87A3D4BFEC
                                                                                                                                                                                                                                                                                                          SHA1:F45BE07A3A05615856688219AFE6713EBABBAC2C
                                                                                                                                                                                                                                                                                                          SHA-256:73513F7A38830E47624257EF04A4F73BF174FD1FEBAC172AA416BF6470930F90
                                                                                                                                                                                                                                                                                                          SHA-512:90EABCE74F8CBB5FF1F96566E1293887BB3DB36C9E32F6C619D1EC7C9AAE504221CDEC2DD1468915A0A06A65E472C5446731838C89E665EBD9FA114F12261327
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343492604479295","port":443,"protocol_str":"quic"}],"anonymization":["GAAAABIAAABodHRwczovL2dvb2dsZS5jb20AAA==",false],"server":"https://clients2.google.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343492605127283","port":443,"protocol_str":"quic"}],"anonymization":["JAAAAB0AAABodHRwczovL2dvb2dsZXVzZXJjb250ZW50LmNvbQAAAA==",false],"server":"https://clients2.googleusercontent.com","supports_spdy":true},{"anonymization":["HAAAABUAAABodHRwczovL21pY3Jvc29mdC5jb20AAAA=",false],"server":"https://msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343492606741506","port":443,"protocol_str":"quic"}],"anonymization":["IAAAABoAAABodHRwczovL3d3dy5nb29nbGVhcGlzLmNvbQAA",false],"server":"https://www.googleapis.com","supports_spdy":true},{"anonymizatio

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Cookies

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 8, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 8
                                                                                                                                                                                                                                                                                                          Category:modified
                                                                                                                                                                                                                                                                                                          Size (bytes):20480
                                                                                                                                                                                                                                                                                                          Entropy (8bit):2.7800165534483976
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:192:tTRJUhb9EHBtF5ElUB86dWM49zgGCzXcf0L/ZJVb:VRJCZeBtTEl+8KDAzgGCzXI0LhJVb
                                                                                                                                                                                                                                                                                                          MD5:F708564766F2A0CB5AFF5990D1708158
                                                                                                                                                                                                                                                                                                          SHA1:42C2AAAEE13D85CC7F7975F5D3299500C3D78451
                                                                                                                                                                                                                                                                                                          SHA-256:6079A0D867A1575E7F3687A75F168F03A462CF482884671D228F79A216A293E5
                                                                                                                                                                                                                                                                                                          SHA-512:8F654E98A8265F5283A5733AFE4A715C62BCE622267EF6B7D25424A5C463F1F7ECA7BDBB65B9E605115E2CBE8F8FEC28FCEBFBC099161A5C4FDAD27491AB90ED
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j...$......g..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):1419
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.336110615415376
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:24:YXsJZVMdmRdsBjZFRudFGRw6ma3yeesRds1yZFGJ/I3w6C1E6maPsQYhbxP7np+:YXs/tsbfc7leeEscgCgakhYhbx9+
                                                                                                                                                                                                                                                                                                          MD5:7D870539B6C4EE40FA5CFD87A3D4BFEC
                                                                                                                                                                                                                                                                                                          SHA1:F45BE07A3A05615856688219AFE6713EBABBAC2C
                                                                                                                                                                                                                                                                                                          SHA-256:73513F7A38830E47624257EF04A4F73BF174FD1FEBAC172AA416BF6470930F90
                                                                                                                                                                                                                                                                                                          SHA-512:90EABCE74F8CBB5FF1F96566E1293887BB3DB36C9E32F6C619D1EC7C9AAE504221CDEC2DD1468915A0A06A65E472C5446731838C89E665EBD9FA114F12261327
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343492604479295","port":443,"protocol_str":"quic"}],"anonymization":["GAAAABIAAABodHRwczovL2dvb2dsZS5jb20AAA==",false],"server":"https://clients2.google.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343492605127283","port":443,"protocol_str":"quic"}],"anonymization":["JAAAAB0AAABodHRwczovL2dvb2dsZXVzZXJjb250ZW50LmNvbQAAAA==",false],"server":"https://clients2.googleusercontent.com","supports_spdy":true},{"anonymization":["HAAAABUAAABodHRwczovL21pY3Jvc29mdC5jb20AAAA=",false],"server":"https://msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343492606741506","port":443,"protocol_str":"quic"}],"anonymization":["IAAAABoAAABodHRwczovL3d3dy5nb29nbGVhcGlzLmNvbQAA",false],"server":"https://www.googleapis.com","supports_spdy":true},{"anonymizatio

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Reporting and NEL

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 5, database pages 9, cookie 0x4, schema 4, UTF-8, version-valid-for 5
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):36864
                                                                                                                                                                                                                                                                                                          Entropy (8bit):1.2135808026176438
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:48:TKIopKWurJNVr1GJmA8pv82pfurJNVrdHXuccaurJN2VrJ1n4n1GmzNGU1cSBRWv:eIEumQv8m1ccnvS6qzqn/Uv
                                                                                                                                                                                                                                                                                                          MD5:F900BCC8042AF7167F7BFC3C8E94FD16
                                                                                                                                                                                                                                                                                                          SHA1:E930CD5CEEC81BC47268BC2BBA45A719022C47D7
                                                                                                                                                                                                                                                                                                          SHA-256:AE0FA87644A45E453B048E98B82083235D5587A9C38354BE75756675DE2272F5
                                                                                                                                                                                                                                                                                                          SHA-512:72772FD7B329F0F4F4F6483B16F70B8DC164F55A83C0E4BA0DBC069E731B7BBF71D9C78F304DA24DADD1F9F0097A925D399C0D8BC5EB56A2737EDDE4C3CA240A
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j..........g...D.........7............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):2
                                                                                                                                                                                                                                                                                                          Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                          MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                          SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                          SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                          SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:[]

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF3d504.TMP (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):2
                                                                                                                                                                                                                                                                                                          Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                          MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                          SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                          SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                          SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:[]

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF417ab.TMP (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):2
                                                                                                                                                                                                                                                                                                          Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                          MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                          SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                          SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                          SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:[]

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF43516.TMP (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):2
                                                                                                                                                                                                                                                                                                          Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                          MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                          SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                          SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                          SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:[]

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF43620.TMP (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):2
                                                                                                                                                                                                                                                                                                          Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                          MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                          SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                          SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                          SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:[]

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF45d6e.TMP (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):2
                                                                                                                                                                                                                                                                                                          Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                          MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                          SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                          SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                          SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:[]

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF4705a.TMP (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):2
                                                                                                                                                                                                                                                                                                          Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                          MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                          SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                          SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                          SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:[]

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):40
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.1275671571169275
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:Y2ktGMxkAXWMSN:Y2xFMSN
                                                                                                                                                                                                                                                                                                          MD5:20D4B8FA017A12A108C87F540836E250
                                                                                                                                                                                                                                                                                                          SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                                                                                                                                                                                                                                                                                                          SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                                                                                                                                                                                                                                                                                                          SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{"SDCH":{"dictionaries":{},"version":2}}

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\a2f20e4a-5047-4750-9d5b-6042679235a4.tmp

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):2
                                                                                                                                                                                                                                                                                                          Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                          MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                          SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                          SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                          SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:[]

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\a5bc5cc4-7b83-4b3f-bfa0-ae13474c1f1e.tmp

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:modified
                                                                                                                                                                                                                                                                                                          Size (bytes):2
                                                                                                                                                                                                                                                                                                          Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                          MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                          SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                          SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                          SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:[]

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\bc94f00b-10ce-4c76-af7f-83d963e905f4.tmp

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:modified
                                                                                                                                                                                                                                                                                                          Size (bytes):2
                                                                                                                                                                                                                                                                                                          Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                          MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                          SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                          SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                          SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:[]

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\cd299f6d-ad55-4cf8-ba00-0058f21321e4.tmp

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):40
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.1275671571169275
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:Y2ktGMxkAXWMSN:Y2xFMSN
                                                                                                                                                                                                                                                                                                          MD5:20D4B8FA017A12A108C87F540836E250
                                                                                                                                                                                                                                                                                                          SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                                                                                                                                                                                                                                                                                                          SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                                                                                                                                                                                                                                                                                                          SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{"SDCH":{"dictionaries":{},"version":2}}

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\d078b23f-b270-450d-bb38-872fec654cfd.tmp

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):2
                                                                                                                                                                                                                                                                                                          Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                          MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                          SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                          SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                          SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:[]

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\e2df01e1-3588-4ac2-9eee-1dbcf5d44cef.tmp

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):2
                                                                                                                                                                                                                                                                                                          Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                          MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                          SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                          SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                          SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:[]

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Nurturing\campaign_history

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):20480
                                                                                                                                                                                                                                                                                                          Entropy (8bit):0.6891615828901694
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:24:TLSOUOq0afDdWec9sJZHFqs7l7zymiI7J5fc:T+OUzDbg3OHws7ln5c
                                                                                                                                                                                                                                                                                                          MD5:DC0B69DC825BC466B189BBFF9969BE50
                                                                                                                                                                                                                                                                                                          SHA1:A2F4F04CE40A2AB7D61A4DDB5BB1F1F3FFFEF6A3
                                                                                                                                                                                                                                                                                                          SHA-256:2D3E7C8341C37AAE19504D07A0C05F0DCA5963CC95130C43B6B3FFF75EB9ECAC
                                                                                                                                                                                                                                                                                                          SHA-512:6479632F1C0A11F6236FE17FEC420C6F43BAAC56026099F72BE201855A6D9570D3C2A63DCD3DF30ADEFF0EAEE31CCDAED0403783638616177AB87C76B6DFD93F
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):9659
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.1206809389811365
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:192:st6kdlus//QTsZihUkB9y8abV+F2IKQA66WJaFIMY1POYJ:st6/s//OfhGbG2hQx6WJaTYF
                                                                                                                                                                                                                                                                                                          MD5:E5E45E02905D8D8C3C5ECADE8B4323DE
                                                                                                                                                                                                                                                                                                          SHA1:37E8399734226A4C9F7484025E9C17A53ABB8C93
                                                                                                                                                                                                                                                                                                          SHA-256:D5F1F611B4CDB635189F619C90AA01B136170C9CE8571CD2C66B4CCAB7BC100C
                                                                                                                                                                                                                                                                                                          SHA-512:67CC250167F2BE4C19A269FF1FE3C3159CF9D2B30F7799989FB333BD27B84C2513828F3AB5FA142EC633AE448F607F3EB13CBE96ECFBCB1E5C144BC90A15F022
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13376751249256297","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340900603634208","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"should_reset_check_default_browser":false,"toolbar_extensions_hub_button_visibility":0,"underside_chat_bing_signed_in_status":false,"window_placement":{"bottom":10090,"left":10000,"maximized":false,"right":10500,"top":10000,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"browser_content_container_height":0,"browser_content_container_width":456,"browser_content_container_x":0,"browser_content_container_y":111,"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,"custom_lin

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF485c6.TMP (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):9659
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.1206809389811365
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:192:st6kdlus//QTsZihUkB9y8abV+F2IKQA66WJaFIMY1POYJ:st6/s//OfhGbG2hQx6WJaTYF
                                                                                                                                                                                                                                                                                                          MD5:E5E45E02905D8D8C3C5ECADE8B4323DE
                                                                                                                                                                                                                                                                                                          SHA1:37E8399734226A4C9F7484025E9C17A53ABB8C93
                                                                                                                                                                                                                                                                                                          SHA-256:D5F1F611B4CDB635189F619C90AA01B136170C9CE8571CD2C66B4CCAB7BC100C
                                                                                                                                                                                                                                                                                                          SHA-512:67CC250167F2BE4C19A269FF1FE3C3159CF9D2B30F7799989FB333BD27B84C2513828F3AB5FA142EC633AE448F607F3EB13CBE96ECFBCB1E5C144BC90A15F022
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13376751249256297","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340900603634208","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"should_reset_check_default_browser":false,"toolbar_extensions_hub_button_visibility":0,"underside_chat_bing_signed_in_status":false,"window_placement":{"bottom":10090,"left":10000,"maximized":false,"right":10500,"top":10000,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"browser_content_container_height":0,"browser_content_container_width":456,"browser_content_container_x":0,"browser_content_container_y":111,"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,"custom_lin

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF4c8ab.TMP (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):9659
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.1206809389811365
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:192:st6kdlus//QTsZihUkB9y8abV+F2IKQA66WJaFIMY1POYJ:st6/s//OfhGbG2hQx6WJaTYF
                                                                                                                                                                                                                                                                                                          MD5:E5E45E02905D8D8C3C5ECADE8B4323DE
                                                                                                                                                                                                                                                                                                          SHA1:37E8399734226A4C9F7484025E9C17A53ABB8C93
                                                                                                                                                                                                                                                                                                          SHA-256:D5F1F611B4CDB635189F619C90AA01B136170C9CE8571CD2C66B4CCAB7BC100C
                                                                                                                                                                                                                                                                                                          SHA-512:67CC250167F2BE4C19A269FF1FE3C3159CF9D2B30F7799989FB333BD27B84C2513828F3AB5FA142EC633AE448F607F3EB13CBE96ECFBCB1E5C144BC90A15F022
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13376751249256297","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340900603634208","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"should_reset_check_default_browser":false,"toolbar_extensions_hub_button_visibility":0,"underside_chat_bing_signed_in_status":false,"window_placement":{"bottom":10090,"left":10000,"maximized":false,"right":10500,"top":10000,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"browser_content_container_height":0,"browser_content_container_width":456,"browser_content_container_x":0,"browser_content_container_y":111,"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,"custom_lin

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):25012
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.5670632165222935
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:768:lPNEkuWPaEfwL8F1+UoAYDCx9Tuqh0VfUC9xbog/OVKIsnWczrwBSypwtu1:lPNEkuWPaEfwLu1ja3IsWcIate
                                                                                                                                                                                                                                                                                                          MD5:34488213814FBF13EB326E31BDB28321
                                                                                                                                                                                                                                                                                                          SHA1:C9C23FD6B53AE4DB4DCFFB801368CB1200E14B2A
                                                                                                                                                                                                                                                                                                          SHA-256:E686D8B058DD330A2A1EF7D0D95032EC5587DBB5C8BF4C85318635F232B5324A
                                                                                                                                                                                                                                                                                                          SHA-512:D11F4A84C9A9FD8A48850CD8AB473EA4BB29276D7400856256FAC6915056C2CFDB35476A20BA9E720A9835620DE105CEF7E604EE3D3BB0A92F723E0A7CA99BA7
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13376751248820164","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13376751248820164","location":5,"ma

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences~RF47f8c.TMP (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):25012
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.5670632165222935
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:768:lPNEkuWPaEfwL8F1+UoAYDCx9Tuqh0VfUC9xbog/OVKIsnWczrwBSypwtu1:lPNEkuWPaEfwLu1ja3IsWcIate
                                                                                                                                                                                                                                                                                                          MD5:34488213814FBF13EB326E31BDB28321
                                                                                                                                                                                                                                                                                                          SHA1:C9C23FD6B53AE4DB4DCFFB801368CB1200E14B2A
                                                                                                                                                                                                                                                                                                          SHA-256:E686D8B058DD330A2A1EF7D0D95032EC5587DBB5C8BF4C85318635F232B5324A
                                                                                                                                                                                                                                                                                                          SHA-512:D11F4A84C9A9FD8A48850CD8AB473EA4BB29276D7400856256FAC6915056C2CFDB35476A20BA9E720A9835620DE105CEF7E604EE3D3BB0A92F723E0A7CA99BA7
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13376751248820164","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13376751248820164","location":5,"ma

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\000001.dbtmp

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):16
                                                                                                                                                                                                                                                                                                          Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                                          MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                                          SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                                          SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                                          SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\000003.log

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):80
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.323098996850684
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:chltUQ2Hm4kxH4xRNwBgzNnNurkXn:chXUQI2xH8BzNmen
                                                                                                                                                                                                                                                                                                          MD5:8DA62954B0B14642CF287A260418E39B
                                                                                                                                                                                                                                                                                                          SHA1:E82BF98669AE1D73BBD9294D9F454044D5C2622E
                                                                                                                                                                                                                                                                                                          SHA-256:B7E25784D1B3A3653C618822715DAE7CC86BF0B05FFF0CF3C5D6A1FB169F0614
                                                                                                                                                                                                                                                                                                          SHA-512:E44DC92CAA0579A81CBF176A589493421AAD851D7006603B54684EE8CBFC67F572F2B0219F4483227F3FF9CC614D882B2ADB8060873E358C7D6870CAF9E3865C
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:....I................URES:0...INITDATA_NEXT_RESOURCE_ID.1..INITDATA_DB_VERSION.2

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):16
                                                                                                                                                                                                                                                                                                          Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                                          MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                                          SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                                          SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                                          SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\LOG

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):299
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.149558774694213
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:6:Ho13M1923oH+TcwtE/a252KLlVo0RIq2P923oH+TcwtE/a2ZIFUv:C3hYeb8xLRyv4Yeb8J2FUv
                                                                                                                                                                                                                                                                                                          MD5:AD1C61D4408C59F5D05621EB0713F5E7
                                                                                                                                                                                                                                                                                                          SHA1:F9BAE16F4CC5FE91BD12E0B814077D4BA04D9AE0
                                                                                                                                                                                                                                                                                                          SHA-256:0C8AAA013782B9C10A80BC9FABB5A954C9FF6D475DF59D4C3AAF8B47E73F9D19
                                                                                                                                                                                                                                                                                                          SHA-512:2515F9E0BA5C00EC002C8320D8EDFD2A3EACD525CD878F1C99105E00D1C4820479813F2E2531FD6DC3E05E173BAACB42203AD3AF486B682686A031E85EABCA92
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:2024/11/22-07:14:25.744 1194 Creating DB C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database since it was missing..2024/11/22-07:14:25.807 1194 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database/MANIFEST-000001.

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:OpenPGP Secret Key
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):41
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.704993772857998
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                                                                                                                                                          MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                                                                                                                                                          SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                                                                                                                                                          SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                                                                                                                                                          SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:.|.."....leveldb.BytewiseComparator......

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_0

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):114380
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.577833006751657
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:1536:AU906yxPXfOxr1lhCe1nL/rmL/rBZXECjAWNKi8GPXtPxw:d9LyxPXfOxr1lMe1nL/CL/TXEmdXpe
                                                                                                                                                                                                                                                                                                          MD5:77C04697F32345F93C19D5066394806C
                                                                                                                                                                                                                                                                                                          SHA1:728904D9E69DA066E9E76B7390DB72DDFFE97FC2
                                                                                                                                                                                                                                                                                                          SHA-256:006234F69E5A19BEF25DF110BF19CE3264B3175110DC6832FD7E0646BF460884
                                                                                                                                                                                                                                                                                                          SHA-512:4FAE9890F00786074281D4EE046B0B56A9EB9A7DE72ECFD682A215382212528EA226E176F90E281C9F2AA5E38D9294F4848DD5E7925BEDE9456E2FEEFBD81317
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:0\r..m..........rSG.....0!function(e,t){if("object"==typeof exports&&"object"==typeof module)module.exports=t();else if("function"==typeof define&&define.amd)define([],t);else{var s=t();for(var n in s)("object"==typeof exports?exports:e)[n]=s[n]}}(self,(()=>(()=>{"use strict";var e={894:()=>{try{self["workbox:cacheable-response:6.4.0"]&&_()}catch(e){}},81:()=>{try{self["workbox:core:6.4.0"]&&_()}catch(e){}},485:()=>{try{self["workbox:expiration:6.4.0"]&&_()}catch(e){}},484:()=>{try{self["workbox:navigation-preload:6.4.0"]&&_()}catch(e){}},248:()=>{try{self["workbox:precaching:6.4.0"]&&_()}catch(e){}},492:()=>{try{self["workbox:routing:6.4.0"]&&_()}catch(e){}},154:()=>{try{self["workbox:strategies:6.4.0"]&&_()}catch(e){}}},t={};function s(n){var a=t[n];if(void 0!==a)return a.exports;var r=t[n]={exports:{}};return e[n](r,r.exports,s),r.exports}s.g=function(){if("object"==typeof globalThis)return globalThis;try{return this||new Function("return this")()}catch(e){if("object"==typeof window

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_1

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):188873
                                                                                                                                                                                                                                                                                                          Entropy (8bit):6.386142513121236
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3072:ruzVHiOuW4DwUoJOY8L/JEIThq4iyDkZJ6F4:rDwnOnL/vt2yP6
                                                                                                                                                                                                                                                                                                          MD5:70F89B3F62CC43AAAB12A0429AFD6658
                                                                                                                                                                                                                                                                                                          SHA1:ECF5B8056C4643B4511A0C20166591772BDD32B7
                                                                                                                                                                                                                                                                                                          SHA-256:21FFECF410EFC079E5F75C7E26783509EF4DC0627B22502736478B3D62BF15F1
                                                                                                                                                                                                                                                                                                          SHA-512:D3E3BFF378FDFBE335754367B265E057377A34CB1439D98FFCE515B61539289D25D300F36ADBB0F2E4E7B334D73B9E8E7B34D538924F22F580A6FFDAB6D2BE61
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:0\r..m..........rSG.....0....Lp.................;......*p........,T.8..`,.....L`.....,T...`......L`......Rc........exports...Rc..[.....module....Rc... ....define....Rb...W....amd....D..H...........".. ...".. ...!...a..2....]".. ...!...-.....!...|..c.....>a...8v............*.........".. ...!........./..4.....).....$Sb............I`....Da......... ..f..........`...p...0...j...p..H......q.Q.m..G.b...https://ntp.msn.com/edge/ntp/service-worker.js?bundles=latest&riverAgeMinutes=2880&navAgeMinutes=2880&networkTimeoutSeconds=5&bgTaskNetworkTimeoutSeconds=8&ssrBasePageNavAgeMinutes=360&enableEmptySectionRoute=true&enableNavPreload=true&enableFallbackVerticalsFeed=true&noCacheLayoutTemplates=true&cacheSSRBasePageResponse=true&enableStaticAdsRouting=true..a........Db............D`.....E..A.`............,T.,.`......L`.....,T...`>....DL`.....DSb.....................q...1.c................I`....Da....zY...,T.`.`z.....L`..........a............a.........Dr8................/....-.......}....4..

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):24
                                                                                                                                                                                                                                                                                                          Entropy (8bit):2.1431558784658327
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:m+l:m
                                                                                                                                                                                                                                                                                                          MD5:54CB446F628B2EA4A5BCE5769910512E
                                                                                                                                                                                                                                                                                                          SHA1:C27CA848427FE87F5CF4D0E0E3CD57151B0D820D
                                                                                                                                                                                                                                                                                                          SHA-256:FBCFE23A2ECB82B7100C50811691DDE0A33AA3DA8D176BE9882A9DB485DC0F2D
                                                                                                                                                                                                                                                                                                          SHA-512:8F6ED2E91AED9BD415789B1DBE591E7EAB29F3F1B48FDFA5E864D7BF4AE554ACC5D82B4097A770DABC228523253623E4296C5023CF48252E1B94382C43123CB0
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:0\r..m..................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\temp-index

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):72
                                                                                                                                                                                                                                                                                                          Entropy (8bit):3.55492787511957
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:Ys+FjXl/ly/l9/lxEYa/l0Jn:YbmOv0Jn
                                                                                                                                                                                                                                                                                                          MD5:FB8028691B6875F467491A2D3D8EF24C
                                                                                                                                                                                                                                                                                                          SHA1:1D429EFC56A16DCE37DC88711A9D47038AF6A748
                                                                                                                                                                                                                                                                                                          SHA-256:518DA23C392E418E1D01B934761A69415529562AE1CD65C921788084FDF3B486
                                                                                                                                                                                                                                                                                                          SHA-512:6755CBE05D304173006DEDA8EE05B5E1A5161EC1ECE9D7A492D3872E3548B5EEF545930012535F25C90ED8C6EEF5EAFD421AF9757E1A2542C66558A4836183A9
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:@...-I.0oy retne.........................X....,.................`..../.

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):72
                                                                                                                                                                                                                                                                                                          Entropy (8bit):3.55492787511957
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:Ys+FjXl/ly/l9/lxEYa/l0Jn:YbmOv0Jn
                                                                                                                                                                                                                                                                                                          MD5:FB8028691B6875F467491A2D3D8EF24C
                                                                                                                                                                                                                                                                                                          SHA1:1D429EFC56A16DCE37DC88711A9D47038AF6A748
                                                                                                                                                                                                                                                                                                          SHA-256:518DA23C392E418E1D01B934761A69415529562AE1CD65C921788084FDF3B486
                                                                                                                                                                                                                                                                                                          SHA-512:6755CBE05D304173006DEDA8EE05B5E1A5161EC1ECE9D7A492D3872E3548B5EEF545930012535F25C90ED8C6EEF5EAFD421AF9757E1A2542C66558A4836183A9
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:@...-I.0oy retne.........................X....,.................`..../.

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RF4c8da.TMP (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):72
                                                                                                                                                                                                                                                                                                          Entropy (8bit):3.55492787511957
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:Ys+FjXl/ly/l9/lxEYa/l0Jn:YbmOv0Jn
                                                                                                                                                                                                                                                                                                          MD5:FB8028691B6875F467491A2D3D8EF24C
                                                                                                                                                                                                                                                                                                          SHA1:1D429EFC56A16DCE37DC88711A9D47038AF6A748
                                                                                                                                                                                                                                                                                                          SHA-256:518DA23C392E418E1D01B934761A69415529562AE1CD65C921788084FDF3B486
                                                                                                                                                                                                                                                                                                          SHA-512:6755CBE05D304173006DEDA8EE05B5E1A5161EC1ECE9D7A492D3872E3548B5EEF545930012535F25C90ED8C6EEF5EAFD421AF9757E1A2542C66558A4836183A9
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:@...-I.0oy retne.........................X....,.................`..../.

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000003.log

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):7217
                                                                                                                                                                                                                                                                                                          Entropy (8bit):3.3658811315698283
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:192:lkTe9hqzPtVkVah9Xp+PdU6D5SLl9iSrYgbeD:lee9hqzPnh9Xp+FU+5SLl9iSrX
                                                                                                                                                                                                                                                                                                          MD5:70D5B65B45F7F55B00FAE7CC21BE890E
                                                                                                                                                                                                                                                                                                          SHA1:50FD21745D6B78B46B697F209513FC74C8683DAC
                                                                                                                                                                                                                                                                                                          SHA-256:C6CEEAC3C50DF4AE84ED88D97FF9100E25FEF89C3DCB344FAC41BF1CF06594F7
                                                                                                                                                                                                                                                                                                          SHA-512:D25C1E52AE870489034351C09AE81C1F5B062000616C27DB405A1D7CD8A2610EAEC472190CAC7E738EFCA8D7F473415E9579150A0012A66F75C114D6A11AB2DF
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:*...#................version.1..namespace-..&f.................&f.................&f.................&f.................&f.................&f.................&f...............'.W.b................next-map-id.1.Cnamespace-a2bcd2fc_601c_41d7_b520_9f1a3e410f27-https://ntp.msn.com/.0..=N.................map-0-shd_sweeper.5{.".x.-.m.s.-.f.l.i.g.h.t.I.d.".:.".m.s.n.a.l.l.e.x.p.u.s.e.r.s.,.p.r.g.-.s.p.-.l.i.v.e.a.p.i.,.p.r.g.-.f.i.n.-.c.o.m.p.o.f.,.p.r.g.-.f.i.n.-.h.p.o.f.l.i.o.,.p.r.g.-.f.i.n.-.p.o.f.l.i.o.,.a.d.s.-.m.n.-.m.i.g.r.,.p.r.g.-.1.s.-.d.w.v.i.d.-.t.1.,.1.s.-.p.1.-.d.w.l.s.,.1.s.-.p.2.-.d.w.l.s.,.p.r.g.-.1.s.w.-.n.o.c.o.o.l.d.o.w.n.,.p.r.g.-.p.r.1.-.v.i.d.e.o.s.,.p.r.g.-.p.r.2.-.v.i.d.e.o.s.,.p.r.g.-.v.i.d.-.d.w.l.s.c.a.c.h.e.,.p.r.g.-.1.s.w.-.m.i.t.o.t.d.u.s.,.1.s.-.a.c.t.n.t.h.i.s.d.a.y.,.p.r.g.-.1.s.w.-.o.t.d.s.g.p.r.,.i.c.r.s.c.a.l.l.-.s.p.o.r.t.s.,.p.r.g.-.1.s.w.-.s.a.q.e.n.t.s.i.r.u.t.3.,.p.r.g.-.1.s.w.-.s.a.-.m.a.i.p.r.o.f.i.l.e._.c.,.p.r.g.-.1.s.w.-.p.r.g.1.r.e.t.r.y.,.p.r.

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):324
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.145535835080314
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:6:Hox9+q2P923oH+TcwtrQMxIFUt8YoKJZmw+YoLt9VkwO923oH+TcwtrQMFLJ:pv4YebCFUt8c/+Dl5LYebtJ
                                                                                                                                                                                                                                                                                                          MD5:16CBC3239693C4E69A0CD11CECFFEEAB
                                                                                                                                                                                                                                                                                                          SHA1:12E33061D740C83001FFB661EF4E02C6A18A2EF3
                                                                                                                                                                                                                                                                                                          SHA-256:1BDF526AC58EFC9D67E29E125AD436B51B18C66B86A36CC6B448CD6B074413AB
                                                                                                                                                                                                                                                                                                          SHA-512:8552C6BAD887A8A1830A9548AD1CFB89DCA5F91A7C5633AF8E7B5A467DA728372F7D257227F8EA125961D715F209B372A7D2E464D702DC26C4FEB9E09F23AA80
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:2024/11/22-07:14:09.498 11d8 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage/MANIFEST-000001.2024/11/22-07:14:09.613 11d8 Recovering log #3.2024/11/22-07:14:09.616 11d8 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage/000003.log .

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG.old (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):324
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.145535835080314
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:6:Hox9+q2P923oH+TcwtrQMxIFUt8YoKJZmw+YoLt9VkwO923oH+TcwtrQMFLJ:pv4YebCFUt8c/+Dl5LYebtJ
                                                                                                                                                                                                                                                                                                          MD5:16CBC3239693C4E69A0CD11CECFFEEAB
                                                                                                                                                                                                                                                                                                          SHA1:12E33061D740C83001FFB661EF4E02C6A18A2EF3
                                                                                                                                                                                                                                                                                                          SHA-256:1BDF526AC58EFC9D67E29E125AD436B51B18C66B86A36CC6B448CD6B074413AB
                                                                                                                                                                                                                                                                                                          SHA-512:8552C6BAD887A8A1830A9548AD1CFB89DCA5F91A7C5633AF8E7B5A467DA728372F7D257227F8EA125961D715F209B372A7D2E464D702DC26C4FEB9E09F23AA80
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:2024/11/22-07:14:09.498 11d8 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage/MANIFEST-000001.2024/11/22-07:14:09.613 11d8 Recovering log #3.2024/11/22-07:14:09.616 11d8 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage/000003.log .

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG.old~RF413e2.TMP (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):324
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.145535835080314
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:6:Hox9+q2P923oH+TcwtrQMxIFUt8YoKJZmw+YoLt9VkwO923oH+TcwtrQMFLJ:pv4YebCFUt8c/+Dl5LYebtJ
                                                                                                                                                                                                                                                                                                          MD5:16CBC3239693C4E69A0CD11CECFFEEAB
                                                                                                                                                                                                                                                                                                          SHA1:12E33061D740C83001FFB661EF4E02C6A18A2EF3
                                                                                                                                                                                                                                                                                                          SHA-256:1BDF526AC58EFC9D67E29E125AD436B51B18C66B86A36CC6B448CD6B074413AB
                                                                                                                                                                                                                                                                                                          SHA-512:8552C6BAD887A8A1830A9548AD1CFB89DCA5F91A7C5633AF8E7B5A467DA728372F7D257227F8EA125961D715F209B372A7D2E464D702DC26C4FEB9E09F23AA80
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:2024/11/22-07:14:09.498 11d8 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage/MANIFEST-000001.2024/11/22-07:14:09.613 11d8 Recovering log #3.2024/11/22-07:14:09.616 11d8 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage/000003.log .

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG.old~RF42de2.TMP (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):324
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.145535835080314
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:6:Hox9+q2P923oH+TcwtrQMxIFUt8YoKJZmw+YoLt9VkwO923oH+TcwtrQMFLJ:pv4YebCFUt8c/+Dl5LYebtJ
                                                                                                                                                                                                                                                                                                          MD5:16CBC3239693C4E69A0CD11CECFFEEAB
                                                                                                                                                                                                                                                                                                          SHA1:12E33061D740C83001FFB661EF4E02C6A18A2EF3
                                                                                                                                                                                                                                                                                                          SHA-256:1BDF526AC58EFC9D67E29E125AD436B51B18C66B86A36CC6B448CD6B074413AB
                                                                                                                                                                                                                                                                                                          SHA-512:8552C6BAD887A8A1830A9548AD1CFB89DCA5F91A7C5633AF8E7B5A467DA728372F7D257227F8EA125961D715F209B372A7D2E464D702DC26C4FEB9E09F23AA80
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:2024/11/22-07:14:09.498 11d8 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage/MANIFEST-000001.2024/11/22-07:14:09.613 11d8 Recovering log #3.2024/11/22-07:14:09.616 11d8 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage/000003.log .

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Session_13376751225817028

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                                          Category:modified
                                                                                                                                                                                                                                                                                                          Size (bytes):296
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.162305976239437
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:6:3R8M3xHNC/K/2t5o8+U8qGJvG1GEj/LYUNwIRfsZe1S1iKNC/R:32OxS5oHUz5YFSyej
                                                                                                                                                                                                                                                                                                          MD5:76BAE4FB2DD08BEF990BC0899216FAF7
                                                                                                                                                                                                                                                                                                          SHA1:DD7AACD04A1375F812E4B7D05C474D8005CE9779
                                                                                                                                                                                                                                                                                                          SHA-256:9FFA72AE1135CDD5069FFAC4547990C9EA160668EA729BF57477E646BB7DD694
                                                                                                                                                                                                                                                                                                          SHA-512:F922065542958166E077307AD419AF1CBA5852FF68597E748A75E412015EC6D540B369991CDF961A542FCD569DA3D6BFBAA4F2B59C133D13ABFD12A6BD2EB211
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:SNSS..........S..............S......"...S..............S..........S..........S..........S....!.....S..................................S...S1..,......S$...4c40ef50_ca47_47ac_985e_93fc6ac9f5fd......S..........S....'.............S5..0......S&...{98952893-68FF-4A5D-A164-705C709ED3DB}........S.......

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Session_13376751251325260

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):1389
                                                                                                                                                                                                                                                                                                          Entropy (8bit):3.7964559151989197
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:24:31f44NrWYbpjd2yeNiVpsAF4unxzgtLp3X2amEtG1ChqY+0YLTQKkOAM4:3jqTgzF6Lp2FEkChzzYYHOp
                                                                                                                                                                                                                                                                                                          MD5:4FFABDBC99ADAB647751F215F9C6D05B
                                                                                                                                                                                                                                                                                                          SHA1:4DBB58BB8FBCBAFC9343D8BEFE2A91211DD4F87F
                                                                                                                                                                                                                                                                                                          SHA-256:1EDB45194141ACBA255DECD33D326CAFE751F40E532986BE4369ADA66BF479E0
                                                                                                                                                                                                                                                                                                          SHA-512:0EB114760DCC92D39D8FC6AF7822EDFD5AFC1AC19C83C759AA84D9D40C857406C47D30E3B307213FADC17797F9D35E7A440844FE8AD83EF047AB151DE96BBBC4
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:SNSS........a.T............a.T......".a.T............a.T........a.T........a.T........a.T....!...a.T................................a.T.a.T1..,....a.T$...a2bcd2fc_601c_41d7_b520_9f1a3e410f27....a.T........a.T....cRU.........a.T5..0....a.T&...{98952893-68FF-4A5D-A164-705C709ED3DB}......a.T...........a.T.'...'......Z...........a.T............a.T........edge://newtab/......N.e.w. .t.a.b...........!...............................................................x...............................x........3.R.'...3.R.'.................................. ...................................................r...h.t.t.p.s.:././.n.t.p...m.s.n...c.o.m./.e.d.g.e./.n.t.p.?.l.o.c.a.l.e.=.e.n.-.G.B.&.t.i.t.l.e.=.N.e.w.%.2.0.t.a.b.&.d.s.p.=.1.&.s.p.=.B.i.n.g.&.i.s.F.R.E.M.o.d.a.l.B.a.c.k.g.r.o.u.n.d.=.1.&.s.t.a.r.t.p.a.g.e.=.1.&.P.C.=.U.5.3.1.....................................8.......0.......8....................................................................... ..........................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Shortcuts

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):20480
                                                                                                                                                                                                                                                                                                          Entropy (8bit):0.44194574462308833
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:12:TLiNCcUMskMVcIWGhWxBzEXx7AAQlvsdFxOUwa5qgufTJpbZ75fOS:TLisVMnYPhIY5Qlvsd6UwccNp15fB
                                                                                                                                                                                                                                                                                                          MD5:B35F740AA7FFEA282E525838EABFE0A6
                                                                                                                                                                                                                                                                                                          SHA1:A67822C17670CCE0BA72D3E9C8DA0CE755A3421A
                                                                                                                                                                                                                                                                                                          SHA-256:5D599596D116802BAD422497CF68BE59EEB7A9135E3ED1C6BEACC48F73827161
                                                                                                                                                                                                                                                                                                          SHA-512:05C0D33516B2C1AB6928FB34957AD3E03CB0A8B7EEC0FD627DD263589655A16DEA79100B6CC29095C3660C95FD2AFB2E4DD023F0597BD586DD664769CABB67F8
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j..........g....."....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):352
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.150379593718606
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:6:HoDySQL+q2P923oH+Tcwt7Uh2ghZIFUt8YoD/8GKWZmw+YoD/8QLVkwO923oH+T8:gySQ+v4YebIhHh2FUt8LkGKW/+LkQV5g
                                                                                                                                                                                                                                                                                                          MD5:8C8174FEAFADF2CFEBD9BD9D960516FA
                                                                                                                                                                                                                                                                                                          SHA1:0F70345D999F7D0E687B51136E1547D9F9916778
                                                                                                                                                                                                                                                                                                          SHA-256:8444C9D8BE75046BE106F1EF6790BC8D6346110347FDE9AEF79F975263CCEF70
                                                                                                                                                                                                                                                                                                          SHA-512:9BB321A8A0BBE9254447155790A82F72DE8DEA46DF40F3B221D37259F62A515FBA57370DCEDB31464B37033AE33923174B17B59D755886EED624374710A0DE24
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:2024/11/22-07:14:08.838 15ec Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database/MANIFEST-000001.2024/11/22-07:14:08.839 15ec Recovering log #3.2024/11/22-07:14:08.839 15ec Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database/000003.log .

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG.old (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):352
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.150379593718606
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:6:HoDySQL+q2P923oH+Tcwt7Uh2ghZIFUt8YoD/8GKWZmw+YoD/8QLVkwO923oH+T8:gySQ+v4YebIhHh2FUt8LkGKW/+LkQV5g
                                                                                                                                                                                                                                                                                                          MD5:8C8174FEAFADF2CFEBD9BD9D960516FA
                                                                                                                                                                                                                                                                                                          SHA1:0F70345D999F7D0E687B51136E1547D9F9916778
                                                                                                                                                                                                                                                                                                          SHA-256:8444C9D8BE75046BE106F1EF6790BC8D6346110347FDE9AEF79F975263CCEF70
                                                                                                                                                                                                                                                                                                          SHA-512:9BB321A8A0BBE9254447155790A82F72DE8DEA46DF40F3B221D37259F62A515FBA57370DCEDB31464B37033AE33923174B17B59D755886EED624374710A0DE24
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:2024/11/22-07:14:08.838 15ec Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database/MANIFEST-000001.2024/11/22-07:14:08.839 15ec Recovering log #3.2024/11/22-07:14:08.839 15ec Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database/000003.log .

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG.old~RF41190.TMP (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):352
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.150379593718606
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:6:HoDySQL+q2P923oH+Tcwt7Uh2ghZIFUt8YoD/8GKWZmw+YoD/8QLVkwO923oH+T8:gySQ+v4YebIhHh2FUt8LkGKW/+LkQV5g
                                                                                                                                                                                                                                                                                                          MD5:8C8174FEAFADF2CFEBD9BD9D960516FA
                                                                                                                                                                                                                                                                                                          SHA1:0F70345D999F7D0E687B51136E1547D9F9916778
                                                                                                                                                                                                                                                                                                          SHA-256:8444C9D8BE75046BE106F1EF6790BC8D6346110347FDE9AEF79F975263CCEF70
                                                                                                                                                                                                                                                                                                          SHA-512:9BB321A8A0BBE9254447155790A82F72DE8DEA46DF40F3B221D37259F62A515FBA57370DCEDB31464B37033AE33923174B17B59D755886EED624374710A0DE24
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:2024/11/22-07:14:08.838 15ec Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database/MANIFEST-000001.2024/11/22-07:14:08.839 15ec Recovering log #3.2024/11/22-07:14:08.839 15ec Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database/000003.log .

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG.old~RF42c5c.TMP (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):352
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.150379593718606
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:6:HoDySQL+q2P923oH+Tcwt7Uh2ghZIFUt8YoD/8GKWZmw+YoD/8QLVkwO923oH+T8:gySQ+v4YebIhHh2FUt8LkGKW/+LkQV5g
                                                                                                                                                                                                                                                                                                          MD5:8C8174FEAFADF2CFEBD9BD9D960516FA
                                                                                                                                                                                                                                                                                                          SHA1:0F70345D999F7D0E687B51136E1547D9F9916778
                                                                                                                                                                                                                                                                                                          SHA-256:8444C9D8BE75046BE106F1EF6790BC8D6346110347FDE9AEF79F975263CCEF70
                                                                                                                                                                                                                                                                                                          SHA-512:9BB321A8A0BBE9254447155790A82F72DE8DEA46DF40F3B221D37259F62A515FBA57370DCEDB31464B37033AE33923174B17B59D755886EED624374710A0DE24
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:2024/11/22-07:14:08.838 15ec Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database/MANIFEST-000001.2024/11/22-07:14:08.839 15ec Recovering log #3.2024/11/22-07:14:08.839 15ec Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database/000003.log .

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_1

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):270336
                                                                                                                                                                                                                                                                                                          Entropy (8bit):0.0012471779557650352
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:MsEllllkEthXllkl2zE:/M/xT02z
                                                                                                                                                                                                                                                                                                          MD5:F50F89A0A91564D0B8A211F8921AA7DE
                                                                                                                                                                                                                                                                                                          SHA1:112403A17DD69D5B9018B8CEDE023CB3B54EAB7D
                                                                                                                                                                                                                                                                                                          SHA-256:B1E963D702392FB7224786E7D56D43973E9B9EFD1B89C17814D7C558FFC0CDEC
                                                                                                                                                                                                                                                                                                          SHA-512:BF8CDA48CF1EC4E73F0DD1D4FA5562AF1836120214EDB74957430CD3E4A2783E801FA3F4ED2AFB375257CAEED4ABE958265237D6E0AACF35A9EDE7A2E8898D58
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_1

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):270336
                                                                                                                                                                                                                                                                                                          Entropy (8bit):0.0012471779557650352
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:MsEllllkEthXllkl2zE:/M/xT02z
                                                                                                                                                                                                                                                                                                          MD5:F50F89A0A91564D0B8A211F8921AA7DE
                                                                                                                                                                                                                                                                                                          SHA1:112403A17DD69D5B9018B8CEDE023CB3B54EAB7D
                                                                                                                                                                                                                                                                                                          SHA-256:B1E963D702392FB7224786E7D56D43973E9B9EFD1B89C17814D7C558FFC0CDEC
                                                                                                                                                                                                                                                                                                          SHA-512:BF8CDA48CF1EC4E73F0DD1D4FA5562AF1836120214EDB74957430CD3E4A2783E801FA3F4ED2AFB375257CAEED4ABE958265237D6E0AACF35A9EDE7A2E8898D58
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\LOG

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):431
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.208602604482951
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:6:Hoy4q2P923oH+TcwtzjqEKj3K/2jMGIFUt8YoeF3JZmw+Yo/DkwO923oH+Tcwtzg:Mv4YebvqBQFUt8W/+z5LYebvqBvJ
                                                                                                                                                                                                                                                                                                          MD5:DD7FC475D2DAD29BBE472B592600B367
                                                                                                                                                                                                                                                                                                          SHA1:39E18167253B2B2BD09EF0BEC0F8F378210DB351
                                                                                                                                                                                                                                                                                                          SHA-256:B9ABE24E0A64ECA629F49F320D6F25A480D723CAE45AE14543E62B193BC0A88B
                                                                                                                                                                                                                                                                                                          SHA-512:9DAEC1F8E009773E2AFA26DA5001DD0188250D699471B214CCE55B79F76FC01C58B7745A7DD1987974DBBA1042124A9FE3145BA48D22CF61DF70CA2203DA087E
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:2024/11/22-07:14:09.621 f10 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb/MANIFEST-000001.2024/11/22-07:14:09.623 f10 Recovering log #3.2024/11/22-07:14:09.633 f10 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb/000003.log .

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\LOG.old (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):431
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.208602604482951
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:6:Hoy4q2P923oH+TcwtzjqEKj3K/2jMGIFUt8YoeF3JZmw+Yo/DkwO923oH+Tcwtzg:Mv4YebvqBQFUt8W/+z5LYebvqBvJ
                                                                                                                                                                                                                                                                                                          MD5:DD7FC475D2DAD29BBE472B592600B367
                                                                                                                                                                                                                                                                                                          SHA1:39E18167253B2B2BD09EF0BEC0F8F378210DB351
                                                                                                                                                                                                                                                                                                          SHA-256:B9ABE24E0A64ECA629F49F320D6F25A480D723CAE45AE14543E62B193BC0A88B
                                                                                                                                                                                                                                                                                                          SHA-512:9DAEC1F8E009773E2AFA26DA5001DD0188250D699471B214CCE55B79F76FC01C58B7745A7DD1987974DBBA1042124A9FE3145BA48D22CF61DF70CA2203DA087E
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:2024/11/22-07:14:09.621 f10 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb/MANIFEST-000001.2024/11/22-07:14:09.623 f10 Recovering log #3.2024/11/22-07:14:09.633 f10 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb/000003.log .

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\LOG.old~RF413e2.TMP (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):431
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.208602604482951
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:6:Hoy4q2P923oH+TcwtzjqEKj3K/2jMGIFUt8YoeF3JZmw+Yo/DkwO923oH+Tcwtzg:Mv4YebvqBQFUt8W/+z5LYebvqBvJ
                                                                                                                                                                                                                                                                                                          MD5:DD7FC475D2DAD29BBE472B592600B367
                                                                                                                                                                                                                                                                                                          SHA1:39E18167253B2B2BD09EF0BEC0F8F378210DB351
                                                                                                                                                                                                                                                                                                          SHA-256:B9ABE24E0A64ECA629F49F320D6F25A480D723CAE45AE14543E62B193BC0A88B
                                                                                                                                                                                                                                                                                                          SHA-512:9DAEC1F8E009773E2AFA26DA5001DD0188250D699471B214CCE55B79F76FC01C58B7745A7DD1987974DBBA1042124A9FE3145BA48D22CF61DF70CA2203DA087E
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:2024/11/22-07:14:09.621 f10 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb/MANIFEST-000001.2024/11/22-07:14:09.623 f10 Recovering log #3.2024/11/22-07:14:09.633 f10 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb/000003.log .

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\LOG.old~RF42edc.TMP (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):431
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.208602604482951
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:6:Hoy4q2P923oH+TcwtzjqEKj3K/2jMGIFUt8YoeF3JZmw+Yo/DkwO923oH+Tcwtzg:Mv4YebvqBQFUt8W/+z5LYebvqBvJ
                                                                                                                                                                                                                                                                                                          MD5:DD7FC475D2DAD29BBE472B592600B367
                                                                                                                                                                                                                                                                                                          SHA1:39E18167253B2B2BD09EF0BEC0F8F378210DB351
                                                                                                                                                                                                                                                                                                          SHA-256:B9ABE24E0A64ECA629F49F320D6F25A480D723CAE45AE14543E62B193BC0A88B
                                                                                                                                                                                                                                                                                                          SHA-512:9DAEC1F8E009773E2AFA26DA5001DD0188250D699471B214CCE55B79F76FC01C58B7745A7DD1987974DBBA1042124A9FE3145BA48D22CF61DF70CA2203DA087E
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:2024/11/22-07:14:09.621 f10 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb/MANIFEST-000001.2024/11/22-07:14:09.623 f10 Recovering log #3.2024/11/22-07:14:09.633 f10 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb/000003.log .

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\3ffc31a7-7205-4020-b733-c428f2224b69.tmp

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):2
                                                                                                                                                                                                                                                                                                          Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                          MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                          SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                          SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                          SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:[]

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\84b18245-c413-49c3-aadb-bb65f9a238b2.tmp

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):2
                                                                                                                                                                                                                                                                                                          Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                          MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                          SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                          SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                          SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:[]

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Network Persistent State (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):144
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.842082263530856
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:YLb9N+eAXRfHDH2LS7PMVKJq0nMb1KKqkomn1KKyRY:YHpoeS7PMVKJTnMRKXkh1KF+
                                                                                                                                                                                                                                                                                                          MD5:ABE81C38891A875B52127ACE9C314105
                                                                                                                                                                                                                                                                                                          SHA1:8EDEBDDAD493CF02D3986A664A4AD1C71CCEBB5F
                                                                                                                                                                                                                                                                                                          SHA-256:6D398F9EB5969D487B57E1C3E1EDDE58660545A7CE404F6DA40C8738B56B6177
                                                                                                                                                                                                                                                                                                          SHA-512:B90DC0E50262ECB05FE1989FA3797C51DF92C83BE94F28FE020994ED6F0E1365EB5B9A0ADA68FCFD46DADEDB6F08FA0E57FF91AA12ED88C3D9AE112FF74329F2
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{"net":{"http_server_properties":{"servers":[],"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"3G","CAYSABiAgICA+P////8B":"Offline"}}}

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT Auditing Pending Reports (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):2
                                                                                                                                                                                                                                                                                                          Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                          MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                          SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                          SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                          SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:[]

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT Auditing Pending Reports~RF430e0.TMP (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):2
                                                                                                                                                                                                                                                                                                          Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                          MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                          SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                          SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                          SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:[]

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT Auditing Pending Reports~RF45d6e.TMP (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):2
                                                                                                                                                                                                                                                                                                          Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                          MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                          SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                          SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                          SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:[]

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT Auditing Pending Reports~RF4705a.TMP (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):2
                                                                                                                                                                                                                                                                                                          Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                          MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                          SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                          SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                          SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:[]

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Sdch Dictionaries (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):40
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.1275671571169275
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:Y2ktGMxkAXWMSN:Y2xFMSN
                                                                                                                                                                                                                                                                                                          MD5:20D4B8FA017A12A108C87F540836E250
                                                                                                                                                                                                                                                                                                          SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                                                                                                                                                                                                                                                                                                          SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                                                                                                                                                                                                                                                                                                          SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{"SDCH":{"dictionaries":{},"version":2}}

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Trust Tokens

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 9, cookie 0x7, schema 4, UTF-8, version-valid-for 4
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):36864
                                                                                                                                                                                                                                                                                                          Entropy (8bit):0.3886039372934488
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:24:TLqEeWOT/kIAoDJ84l5lDlnDMlRlyKDtM6UwccWfp15fBIe:T2EeWOT/nDtX5nDOvyKDhU1cSB
                                                                                                                                                                                                                                                                                                          MD5:DEA619BA33775B1BAEEC7B32110CB3BD
                                                                                                                                                                                                                                                                                                          SHA1:949B8246021D004B2E772742D34B2FC8863E1AAA
                                                                                                                                                                                                                                                                                                          SHA-256:3669D76771207A121594B439280A67E3A6B1CBAE8CE67A42C8312D33BA18854B
                                                                                                                                                                                                                                                                                                          SHA-512:7B9741E0339B30D73FACD4670A9898147BE62B8F063A59736AFDDC83D3F03B61349828F2AE88F682D42C177AE37E18349FD41654AEBA50DDF10CD6DC70FA5879
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j..........g...}.....$.X..............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\a6c82eec-2699-4f63-9da7-7bdfdef43436.tmp

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):2
                                                                                                                                                                                                                                                                                                          Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                          MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                          SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                          SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                          SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:[]

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\de96e5d0-062a-4a60-a8c8-36437f0897fb.tmp

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):2
                                                                                                                                                                                                                                                                                                          Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                          MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                          SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                          SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                          SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:[]

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\e18653bb-0ef4-48cd-8a80-4c936fda3f2b.tmp

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):40
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.1275671571169275
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:Y2ktGMxkAXWMSN:Y2xFMSN
                                                                                                                                                                                                                                                                                                          MD5:20D4B8FA017A12A108C87F540836E250
                                                                                                                                                                                                                                                                                                          SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                                                                                                                                                                                                                                                                                                          SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                                                                                                                                                                                                                                                                                                          SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{"SDCH":{"dictionaries":{},"version":2}}

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\f4872c3e-a3fc-4ee8-9bec-7eea15d8ce65.tmp

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):144
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.842082263530856
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:YLb9N+eAXRfHDH2LS7PMVKJq0nMb1KKqkomn1KKyRY:YHpoeS7PMVKJTnMRKXkh1KF+
                                                                                                                                                                                                                                                                                                          MD5:ABE81C38891A875B52127ACE9C314105
                                                                                                                                                                                                                                                                                                          SHA1:8EDEBDDAD493CF02D3986A664A4AD1C71CCEBB5F
                                                                                                                                                                                                                                                                                                          SHA-256:6D398F9EB5969D487B57E1C3E1EDDE58660545A7CE404F6DA40C8738B56B6177
                                                                                                                                                                                                                                                                                                          SHA-512:B90DC0E50262ECB05FE1989FA3797C51DF92C83BE94F28FE020994ED6F0E1365EB5B9A0ADA68FCFD46DADEDB6F08FA0E57FF91AA12ED88C3D9AE112FF74329F2
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{"net":{"http_server_properties":{"servers":[],"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"3G","CAYSABiAgICA+P////8B":"Offline"}}}

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\000003.log

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):80
                                                                                                                                                                                                                                                                                                          Entropy (8bit):3.4921535629071894
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:S8ltHlS+QUl1ASEGhTFljl:S85aEFljl
                                                                                                                                                                                                                                                                                                          MD5:69449520FD9C139C534E2970342C6BD8
                                                                                                                                                                                                                                                                                                          SHA1:230FE369A09DEF748F8CC23AD70FD19ED8D1B885
                                                                                                                                                                                                                                                                                                          SHA-256:3F2E9648DFDB2DDB8E9D607E8802FEF05AFA447E17733DD3FD6D933E7CA49277
                                                                                                                                                                                                                                                                                                          SHA-512:EA34C39AEA13B281A6067DE20AD0CDA84135E70C97DB3CDD59E25E6536B19F7781E5FC0CA4A11C3618D43FC3BD3FBC120DD5C1C47821A248B8AD351F9F4E6367
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:*...#................version.1..namespace-..&f.................&f...............

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOG

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):422
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.256611254769189
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:6:HoD9+q2P923oH+TcwtzjqEKj0QMxIFUt8Yop3JZmw+YoeHN9VkwO923oH+Tcwtzv:7v4YebvqBZFUt8xZ/+ml5LYebvqBaJ
                                                                                                                                                                                                                                                                                                          MD5:8E697E61AC50FC0C788F6EBD4E13956B
                                                                                                                                                                                                                                                                                                          SHA1:42C764C0BAD91D42467C42466EE878516B589881
                                                                                                                                                                                                                                                                                                          SHA-256:D05D039A1ABC7940E782566D78B1931E9ABC6BC900091FB623E2C22A6334D933
                                                                                                                                                                                                                                                                                                          SHA-512:F9462A32ECA4124D5084C7692C1430D8032826AB0C0E1911455D119B13FD1A44FE27AC8CDDA5182A4B6FD156F3DAF2E680D4095B6375A0A0C72F1AC7DFC5F20B
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:2024/11/22-07:14:25.933 11d8 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage/MANIFEST-000001.2024/11/22-07:14:25.935 11d8 Recovering log #3.2024/11/22-07:14:25.938 11d8 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage/000003.log .

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOG.old (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):422
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.256611254769189
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:6:HoD9+q2P923oH+TcwtzjqEKj0QMxIFUt8Yop3JZmw+YoeHN9VkwO923oH+Tcwtzv:7v4YebvqBZFUt8xZ/+ml5LYebvqBaJ
                                                                                                                                                                                                                                                                                                          MD5:8E697E61AC50FC0C788F6EBD4E13956B
                                                                                                                                                                                                                                                                                                          SHA1:42C764C0BAD91D42467C42466EE878516B589881
                                                                                                                                                                                                                                                                                                          SHA-256:D05D039A1ABC7940E782566D78B1931E9ABC6BC900091FB623E2C22A6334D933
                                                                                                                                                                                                                                                                                                          SHA-512:F9462A32ECA4124D5084C7692C1430D8032826AB0C0E1911455D119B13FD1A44FE27AC8CDDA5182A4B6FD156F3DAF2E680D4095B6375A0A0C72F1AC7DFC5F20B
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:2024/11/22-07:14:25.933 11d8 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage/MANIFEST-000001.2024/11/22-07:14:25.935 11d8 Recovering log #3.2024/11/22-07:14:25.938 11d8 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage/000003.log .

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):325
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.204581309211998
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:6:HoDTM+q2P923oH+TcwtpIFUt8YoDxvZmw+YoDlMVkwO923oH+Tcwta/WLJ:gTM+v4YebmFUt8Lxv/+LlMV5LYebaUJ
                                                                                                                                                                                                                                                                                                          MD5:C9E15906FBF8DE294BDD7F8AE418B058
                                                                                                                                                                                                                                                                                                          SHA1:1FD4EA0F5FCDF999CFD09897D463D8FFFEEC3990
                                                                                                                                                                                                                                                                                                          SHA-256:BEC8453E8968B736431C8E61E83D7054B08105FF4894D1AC9E761BDAC0EB65CE
                                                                                                                                                                                                                                                                                                          SHA-512:4A5A4BBF4850C6234DCAD40DE5F497CA0D9803F63D2BE2A9EEE9735C8F80D1EDBDCBE78FB3D535DBD9D3D868F07256ECC0582BEFC04006414C13AFB2B1D72D05
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:2024/11/22-07:14:08.836 c6c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB/MANIFEST-000001.2024/11/22-07:14:08.837 c6c Recovering log #3.2024/11/22-07:14:08.838 c6c Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB/000003.log .

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG.old (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):325
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.204581309211998
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:6:HoDTM+q2P923oH+TcwtpIFUt8YoDxvZmw+YoDlMVkwO923oH+Tcwta/WLJ:gTM+v4YebmFUt8Lxv/+LlMV5LYebaUJ
                                                                                                                                                                                                                                                                                                          MD5:C9E15906FBF8DE294BDD7F8AE418B058
                                                                                                                                                                                                                                                                                                          SHA1:1FD4EA0F5FCDF999CFD09897D463D8FFFEEC3990
                                                                                                                                                                                                                                                                                                          SHA-256:BEC8453E8968B736431C8E61E83D7054B08105FF4894D1AC9E761BDAC0EB65CE
                                                                                                                                                                                                                                                                                                          SHA-512:4A5A4BBF4850C6234DCAD40DE5F497CA0D9803F63D2BE2A9EEE9735C8F80D1EDBDCBE78FB3D535DBD9D3D868F07256ECC0582BEFC04006414C13AFB2B1D72D05
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:2024/11/22-07:14:08.836 c6c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB/MANIFEST-000001.2024/11/22-07:14:08.837 c6c Recovering log #3.2024/11/22-07:14:08.838 c6c Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB/000003.log .

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG.old~RF41190.TMP (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):325
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.204581309211998
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:6:HoDTM+q2P923oH+TcwtpIFUt8YoDxvZmw+YoDlMVkwO923oH+Tcwta/WLJ:gTM+v4YebmFUt8Lxv/+LlMV5LYebaUJ
                                                                                                                                                                                                                                                                                                          MD5:C9E15906FBF8DE294BDD7F8AE418B058
                                                                                                                                                                                                                                                                                                          SHA1:1FD4EA0F5FCDF999CFD09897D463D8FFFEEC3990
                                                                                                                                                                                                                                                                                                          SHA-256:BEC8453E8968B736431C8E61E83D7054B08105FF4894D1AC9E761BDAC0EB65CE
                                                                                                                                                                                                                                                                                                          SHA-512:4A5A4BBF4850C6234DCAD40DE5F497CA0D9803F63D2BE2A9EEE9735C8F80D1EDBDCBE78FB3D535DBD9D3D868F07256ECC0582BEFC04006414C13AFB2B1D72D05
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:2024/11/22-07:14:08.836 c6c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB/MANIFEST-000001.2024/11/22-07:14:08.837 c6c Recovering log #3.2024/11/22-07:14:08.838 c6c Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB/000003.log .

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG.old~RF42c5c.TMP (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):325
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.204581309211998
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:6:HoDTM+q2P923oH+TcwtpIFUt8YoDxvZmw+YoDlMVkwO923oH+Tcwta/WLJ:gTM+v4YebmFUt8Lxv/+LlMV5LYebaUJ
                                                                                                                                                                                                                                                                                                          MD5:C9E15906FBF8DE294BDD7F8AE418B058
                                                                                                                                                                                                                                                                                                          SHA1:1FD4EA0F5FCDF999CFD09897D463D8FFFEEC3990
                                                                                                                                                                                                                                                                                                          SHA-256:BEC8453E8968B736431C8E61E83D7054B08105FF4894D1AC9E761BDAC0EB65CE
                                                                                                                                                                                                                                                                                                          SHA-512:4A5A4BBF4850C6234DCAD40DE5F497CA0D9803F63D2BE2A9EEE9735C8F80D1EDBDCBE78FB3D535DBD9D3D868F07256ECC0582BEFC04006414C13AFB2B1D72D05
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:2024/11/22-07:14:08.836 c6c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB/MANIFEST-000001.2024/11/22-07:14:08.837 c6c Recovering log #3.2024/11/22-07:14:08.838 c6c Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB/000003.log .

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Web Data

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 11, database pages 89, cookie 0x36, schema 4, UTF-8, version-valid-for 11
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):196608
                                                                                                                                                                                                                                                                                                          Entropy (8bit):1.1778909455888804
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:384:Md2qOB1nxCkSSAELyKOMq+8yC8F/YfU5m+OlT:Tq+n0p9ELyKOMq+8y9/Ow
                                                                                                                                                                                                                                                                                                          MD5:907B45B0FBB853599B062CBF095758DD
                                                                                                                                                                                                                                                                                                          SHA1:E53EAD7294D25B03AECAD357AAA9781565F6227B
                                                                                                                                                                                                                                                                                                          SHA-256:6C4E4BF21E86FACF37DE160B16BAEA11DD77777542E0C6DDC9CDCF6A17B942EA
                                                                                                                                                                                                                                                                                                          SHA-512:C85ECE6C421838BA5751D46CD041E1CD0413797F361BE458E4712475DDD3150AA842FC9D9160CDC94F10087449D87B1F7155F31EA63A949B24A9F636719B50E2
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ .......Y...........6......................................................j............W........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\WebStorage\QuotaManager

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 10, cookie 0x7, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):40960
                                                                                                                                                                                                                                                                                                          Entropy (8bit):0.4667020313499719
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:48:Tnj7dojKsKmjKZKAsjZNOjAhts3N8g1j3UcB0+n:v7doKsKuKZKlZNmu46yjx02
                                                                                                                                                                                                                                                                                                          MD5:60480CB2BBA2F45BCE711683BD698AFE
                                                                                                                                                                                                                                                                                                          SHA1:9FF84D04D96D95B83E8B8354AA6823089B275E2C
                                                                                                                                                                                                                                                                                                          SHA-256:D46F0E6BD364D380E1A511D69D6292B4A5D6B2F98CC0FFAD5B6CE4FC3817BDC9
                                                                                                                                                                                                                                                                                                          SHA-512:03B03A7254B534BE1D291317DBE97AFB27E83857F192F93F9ACD3E3F1112C5F1D9A8582BC437FD94FC9228F966E3BD3288780D5449EC354280093B974221440E
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j.......w..g...........M...w..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\WebStorage\QuotaManager-journal

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):12824
                                                                                                                                                                                                                                                                                                          Entropy (8bit):0.13301922850291303
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:zl9HNllv/etXlRC1l/+/34//l/h4jRfn1d7jdtQfxlbz9OXOWXtXlRC9Ol:zlUl2+v4puj3dnd0lFOXOClSOl
                                                                                                                                                                                                                                                                                                          MD5:7332AF662F96A827F87D3FDD54D02874
                                                                                                                                                                                                                                                                                                          SHA1:F12ACCB5F3D4664F39060A34E6BEF041D2C4E8F0
                                                                                                                                                                                                                                                                                                          SHA-256:3BA53CDD0D030C8F8593FE91416959DBC15A418D908A62E1A24C1E71453F651D
                                                                                                                                                                                                                                                                                                          SHA-512:106B28084EFC72F705542F5C014775478F7D0DCE7F51BB7F7910DF2CCDA17A86F0A6C02DAF3BC9C7D0558EBE7DE9A0A72B2542A8F7F4FC6B3E521A9599F6FE60
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:............:.+.........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\arbitration_service_config.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (3951), with CRLF line terminators
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):11755
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.190465908239046
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:192:hH4vrmqRBB4W4PoiUDNaxvR5FCHFcoaSbqGEDI:hH4vrmUB6W4jR3GaSbqGEDI
                                                                                                                                                                                                                                                                                                          MD5:07301A857C41B5854E6F84CA00B81EA0
                                                                                                                                                                                                                                                                                                          SHA1:7441FC1018508FF4F3DBAA139A21634C08ED979C
                                                                                                                                                                                                                                                                                                          SHA-256:2343C541E095E1D5F202E8D2A0807113E69E1969AF8E15E3644C51DB0BF33FBF
                                                                                                                                                                                                                                                                                                          SHA-512:00ADE38E9D2F07C64648202F1D5F18A2DFB2781C0517EAEBCD567D8A77DBB7CB40A58B7C7D4EC03336A63A20D2E11DD64448F020C6FF72F06CA870AA2B4765E0
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{.. "DefaultCohort": {.. "21f3388b-c2a5-4791-8f6e-a4cad6d17f4f.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.BingHomePage.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Covid.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Finance.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Jobs.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.KnowledgeCard.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Local.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.NTP3PCLICK.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.NotifySearchPage.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Recipe.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.SearchPage.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Sports.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Travel.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Weather.Bubble": 1,.. "2cb2db96-3bd0-403e-abe2-9269b3761041.Bubble": 1,.

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\d1c48ffc-739b-473b-8752-a7fa239e6ea7.tmp

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (1597), with CRLF line terminators
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):115717
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.183660917461099
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:1536:utDURN77GZqW3v6PD/469IxVBmB22q7LRks3swn0:utAaE2Jt0
                                                                                                                                                                                                                                                                                                          MD5:3D8183370B5E2A9D11D43EBEF474B305
                                                                                                                                                                                                                                                                                                          SHA1:155AB0A46E019E834FA556F3D818399BFF02162B
                                                                                                                                                                                                                                                                                                          SHA-256:6A30BADAD93601FC8987B8239D8907BCBE65E8F1993E4D045D91A77338A2A5B4
                                                                                                                                                                                                                                                                                                          SHA-512:B7AD04F10CD5DE147BDBBE2D642B18E9ECB2D39851BE1286FDC65FF83985EA30278C95263C98999B6D94683AE1DB86436877C30A40992ACA1743097A2526FE81
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{.. "current_locale": "en-GB",.. "hub_apps": [ {.. "auto_show": {.. "enabled": true,.. "fre_notification": {.. "enabled": true,.. "header": "Was opening this pane helpful to you?",.. "show_count": 2,.. "text": "Was opening this pane helpful to you?".. },.. "settings_description": "We'll automatically open Bing Chat in the sidebar to show you relevant web experiences alongside your web content",.. "settings_title": "Automatically open Bing Chat in the sidebar",.. "triggering_configs|flight:msHubAppsMsnArticleAutoShowTriggering": [ {.. "show_count_basis": "signal",.. "signal_name": "IsMsnArticleAutoOpenFromP1P2",.. "signal_threshold": 0.5.. } ],.. "triggering_configs|flight:msUndersidePersistentChat": [ {.. "signal_name": "IsUndersidePersistentChatLink",.. "signal_threshold": 0.5.. } ],.. "triggering_co

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\databases\Databases.db

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 7, cookie 0x4, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):28672
                                                                                                                                                                                                                                                                                                          Entropy (8bit):0.3410017321959524
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:12:TLiqi/nGb0EiDFIlTSFbyrKZb9YwFOqAyl+FxOUwa5qgufTJpbZ75fOSG:TLiMNiD+lZk/Fj+6UwccNp15fBG
                                                                                                                                                                                                                                                                                                          MD5:98643AF1CA5C0FE03CE8C687189CE56B
                                                                                                                                                                                                                                                                                                          SHA1:ECADBA79A364D72354C658FD6EA3D5CF938F686B
                                                                                                                                                                                                                                                                                                          SHA-256:4DC3BF7A36AB5DA80C0995FAF61ED0F96C4DE572F2D6FF9F120F9BC44B69E444
                                                                                                                                                                                                                                                                                                          SHA-512:68B69FCE8EF5AB1DDA2994BA4DB111136BD441BC3EFC0251F57DC20A3095B8420669E646E2347EAB7BAF30CACA4BCF74BD88E049378D8DE57DE72E4B8A5FF74B
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j..........g.....P....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\e8452efa-1ce3-4b96-b733-3c90e12f9d8a.tmp

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:very short file (no magic)
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):1
                                                                                                                                                                                                                                                                                                          Entropy (8bit):0.0
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:L:L
                                                                                                                                                                                                                                                                                                          MD5:5058F1AF8388633F609CADB75A75DC9D
                                                                                                                                                                                                                                                                                                          SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                                                                                                                                                                                                                                                                          SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                                                                                                                                                                                                                                                                          SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:.

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\e9db6f78-c133-4317-8d5a-376ce3d98495.tmp

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):9659
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.1206809389811365
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:192:st6kdlus//QTsZihUkB9y8abV+F2IKQA66WJaFIMY1POYJ:st6/s//OfhGbG2hQx6WJaTYF
                                                                                                                                                                                                                                                                                                          MD5:E5E45E02905D8D8C3C5ECADE8B4323DE
                                                                                                                                                                                                                                                                                                          SHA1:37E8399734226A4C9F7484025E9C17A53ABB8C93
                                                                                                                                                                                                                                                                                                          SHA-256:D5F1F611B4CDB635189F619C90AA01B136170C9CE8571CD2C66B4CCAB7BC100C
                                                                                                                                                                                                                                                                                                          SHA-512:67CC250167F2BE4C19A269FF1FE3C3159CF9D2B30F7799989FB333BD27B84C2513828F3AB5FA142EC633AE448F607F3EB13CBE96ECFBCB1E5C144BC90A15F022
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13376751249256297","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340900603634208","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"should_reset_check_default_browser":false,"toolbar_extensions_hub_button_visibility":0,"underside_chat_bing_signed_in_status":false,"window_placement":{"bottom":10090,"left":10000,"maximized":false,"right":10500,"top":10000,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"browser_content_container_height":0,"browser_content_container_width":456,"browser_content_container_x":0,"browser_content_container_y":111,"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,"custom_lin

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-shm

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):32768
                                                                                                                                                                                                                                                                                                          Entropy (8bit):0.09872748223085256
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:12:ULf5zLffL1EjVl/PnnnnnnnnnnvoQREoBmY7:U7t7fhoPnnnnnnnnnnvbjcY
                                                                                                                                                                                                                                                                                                          MD5:E3B3163BD479D36E76D261BAB7C91DE9
                                                                                                                                                                                                                                                                                                          SHA1:FEE388D4C4EDFE81012DF62ED9C565E9DF30E474
                                                                                                                                                                                                                                                                                                          SHA-256:301BAADECD5E05A24F93AE78D2A1F60F82A95C7D9008885C23F846AEDE1CECDF
                                                                                                                                                                                                                                                                                                          SHA-512:F832B7C263665C51DF22BB4F9F28D23BB7015ABA2D0DAB82878F6454EAEED9EDBC237E1433A8903B20CB11A7B059F52E1C74CFDCC25B3313D63277FCF594A24E
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:..-.............I........>....$..4..}...s.d......-.............I........>....$..4..}...s.d............E...............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-wal

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:SQLite Write-Ahead Log, version 3007000
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):300792
                                                                                                                                                                                                                                                                                                          Entropy (8bit):0.7796665651592527
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:384:G2nK6l5Sjk5IC5a205k2P5m2e5B2n5Ye2qb58yNyvQyuytwXyfxy5kA:6VIJA
                                                                                                                                                                                                                                                                                                          MD5:3C10A195C5436C8C2D199DD4F1E2C118
                                                                                                                                                                                                                                                                                                          SHA1:5258A6442173505B5C8B5AA43B0A408EEEF0863A
                                                                                                                                                                                                                                                                                                          SHA-256:BABAF87317CE5B755D1CEE4B6410FCB18AC2AF75D959C665214BF8E42726D22B
                                                                                                                                                                                                                                                                                                          SHA-512:1DCF7257B48ADA59DFF013DBF86249D5A27DDC7C4FBA43CF7CC93D03FABBF5528CF25534693B30ECBF9C9609F70B4D62B2301D6ABC27775C6120C5128E6590B0
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:7....-...........4..}...8.?L.0.........4..}........C.SQLite format 3......@ ..........................................................................j.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\passwords.db

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 25, cookie 0xe, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):51200
                                                                                                                                                                                                                                                                                                          Entropy (8bit):0.8746135976761988
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:96:O8mmwLCn8MouB6wzFlOqUvJKLReZff44EK:O8yLG7IwRWf4
                                                                                                                                                                                                                                                                                                          MD5:9E68EA772705B5EC0C83C2A97BB26324
                                                                                                                                                                                                                                                                                                          SHA1:243128040256A9112CEAC269D56AD6B21061FF80
                                                                                                                                                                                                                                                                                                          SHA-256:17006E475332B22DB7B337F1CBBA285B3D9D0222FD06809AA8658A8F0E9D96EF
                                                                                                                                                                                                                                                                                                          SHA-512:312484208DC1C35F87629520FD6749B9DDB7D224E802D0420211A7535D911EC1FA0115DC32D8D1C2151CF05D5E15BBECC4BCE58955CFFDE2D6D5216E5F8F3BDF
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000003.log

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):628
                                                                                                                                                                                                                                                                                                          Entropy (8bit):3.2281602302432755
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:6:/XntM+iTl3sedhOKOuuuuuuuuuuuuuuuuuuuuuuueOsedhOs:Wlc8NOuuuuuuuuuuuuuuuuuuuuuuuy8V
                                                                                                                                                                                                                                                                                                          MD5:618DD5A879E5973E1C964A7D528D168B
                                                                                                                                                                                                                                                                                                          SHA1:D9EAAD738D79EDE31862ED35DCDDF87B2703BE09
                                                                                                                                                                                                                                                                                                          SHA-256:6446502AB9A365C2C589FF6A411878F0897048695FE980AAAD443358543C005C
                                                                                                                                                                                                                                                                                                          SHA-512:C49F5F06B5D0F371E863B57033E8C5B625005A2375B3E131438D63FBC26A92ABDA413EEA64CD72B7C4D212E4CA93D23E394D618988077EECD9913DCDF93A1757
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:A..r.................20_1_1...1.,U.................20_1_1...1..}0................39_config..........6.....n ....1u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...................0................39_config..........6.....n ....1

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):324
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.161179728617259
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:6:Hotjjyq2P923oH+TcwtfrK+IFUt8YoV31Zmw+YoVhRkwO923oH+TcwtfrUeLJ:+jyv4Yeb23FUt8dF/+dhR5LYeb3J
                                                                                                                                                                                                                                                                                                          MD5:26E0EE661E96EF8B8EA9A56DA6B101C0
                                                                                                                                                                                                                                                                                                          SHA1:051AAD6142C71A490C9FF3E288216F059E4C4B13
                                                                                                                                                                                                                                                                                                          SHA-256:38EF4E866DDEEC8D1910DE35231EE507C304DEAC7482BD5DFA27A0792C10029A
                                                                                                                                                                                                                                                                                                          SHA-512:A409EF2AB3967F0BF301A01A1F41BCE477929B04C0E56D0793C5B13CADA5190796847AB94D0DD01EED11DC3DDEC82CE8BF548B7EEFA9552946D39AC39F2F3E9F
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:2024/11/22-07:14:09.269 12e4 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db/MANIFEST-000001.2024/11/22-07:14:09.270 12e4 Recovering log #3.2024/11/22-07:14:09.270 12e4 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db/000003.log .

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG.old (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):324
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.161179728617259
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:6:Hotjjyq2P923oH+TcwtfrK+IFUt8YoV31Zmw+YoVhRkwO923oH+TcwtfrUeLJ:+jyv4Yeb23FUt8dF/+dhR5LYeb3J
                                                                                                                                                                                                                                                                                                          MD5:26E0EE661E96EF8B8EA9A56DA6B101C0
                                                                                                                                                                                                                                                                                                          SHA1:051AAD6142C71A490C9FF3E288216F059E4C4B13
                                                                                                                                                                                                                                                                                                          SHA-256:38EF4E866DDEEC8D1910DE35231EE507C304DEAC7482BD5DFA27A0792C10029A
                                                                                                                                                                                                                                                                                                          SHA-512:A409EF2AB3967F0BF301A01A1F41BCE477929B04C0E56D0793C5B13CADA5190796847AB94D0DD01EED11DC3DDEC82CE8BF548B7EEFA9552946D39AC39F2F3E9F
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:2024/11/22-07:14:09.269 12e4 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db/MANIFEST-000001.2024/11/22-07:14:09.270 12e4 Recovering log #3.2024/11/22-07:14:09.270 12e4 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db/000003.log .

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG.old~RF41365.TMP (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):324
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.161179728617259
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:6:Hotjjyq2P923oH+TcwtfrK+IFUt8YoV31Zmw+YoVhRkwO923oH+TcwtfrUeLJ:+jyv4Yeb23FUt8dF/+dhR5LYeb3J
                                                                                                                                                                                                                                                                                                          MD5:26E0EE661E96EF8B8EA9A56DA6B101C0
                                                                                                                                                                                                                                                                                                          SHA1:051AAD6142C71A490C9FF3E288216F059E4C4B13
                                                                                                                                                                                                                                                                                                          SHA-256:38EF4E866DDEEC8D1910DE35231EE507C304DEAC7482BD5DFA27A0792C10029A
                                                                                                                                                                                                                                                                                                          SHA-512:A409EF2AB3967F0BF301A01A1F41BCE477929B04C0E56D0793C5B13CADA5190796847AB94D0DD01EED11DC3DDEC82CE8BF548B7EEFA9552946D39AC39F2F3E9F
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:2024/11/22-07:14:09.269 12e4 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db/MANIFEST-000001.2024/11/22-07:14:09.270 12e4 Recovering log #3.2024/11/22-07:14:09.270 12e4 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db/000003.log .

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG.old~RF42e21.TMP (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):324
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.161179728617259
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:6:Hotjjyq2P923oH+TcwtfrK+IFUt8YoV31Zmw+YoVhRkwO923oH+TcwtfrUeLJ:+jyv4Yeb23FUt8dF/+dhR5LYeb3J
                                                                                                                                                                                                                                                                                                          MD5:26E0EE661E96EF8B8EA9A56DA6B101C0
                                                                                                                                                                                                                                                                                                          SHA1:051AAD6142C71A490C9FF3E288216F059E4C4B13
                                                                                                                                                                                                                                                                                                          SHA-256:38EF4E866DDEEC8D1910DE35231EE507C304DEAC7482BD5DFA27A0792C10029A
                                                                                                                                                                                                                                                                                                          SHA-512:A409EF2AB3967F0BF301A01A1F41BCE477929B04C0E56D0793C5B13CADA5190796847AB94D0DD01EED11DC3DDEC82CE8BF548B7EEFA9552946D39AC39F2F3E9F
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:2024/11/22-07:14:09.269 12e4 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db/MANIFEST-000001.2024/11/22-07:14:09.270 12e4 Recovering log #3.2024/11/22-07:14:09.270 12e4 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db/000003.log .

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):855
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.089952698032513
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:24:G0nYUtypD3RUovhC+lvBOL+t3IvB8SxX/Zs:LYUtyp1vxdBllIp8SxX/Zs
                                                                                                                                                                                                                                                                                                          MD5:D285E3EF9601EA0E0FB700B3655FCE62
                                                                                                                                                                                                                                                                                                          SHA1:F6A42E3BA86D1585203D34BFAD8562387DF62A1C
                                                                                                                                                                                                                                                                                                          SHA-256:91E6D8375D51EA3E3C388927C8BC87BA26D1E061B821EA22D5D512145D1D2FDC
                                                                                                                                                                                                                                                                                                          SHA-512:F1C85A1BB559CB5A593CB5AED836E817ADB68C5C30B7F2499CA57D8778D27EC0C8F25DD16CA8AF05C2C3A6875599BF41FFA3B32FCA632B56F199544A5DA1DC6B
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:.h.6.................__global... .t...................__global... .9..b.................33_..........................33_........v.................21_.....vuNX.................21_.....<...................20_.....,.1..................19_.....QL.s.................18_.....<.J|.................37_...... .A.................38_..........................39_........].................20_.....Owa..................20_.....`..N.................19_.....D8.X.................18_......`...................37_..........................38_......\e..................39_.....dz.|.................9_.....'\c..................9_.......f-.................__global... .|.&R.................__global... ./....................__global... ..T...................__global... ...G..................__global... ......................__global... .S.*..................__global... .

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):342
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.189975465985082
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:6:Hopyq2P923oH+TcwtfrzAdIFUt8YojQ/1Zmw+YojQpRkwO923oH+TcwtfrzILJ:eyv4Yeb9FUt8bQ9/+bQpR5LYeb2J
                                                                                                                                                                                                                                                                                                          MD5:4406A750F34CBE5AEDF3DA4F8C0E7C4E
                                                                                                                                                                                                                                                                                                          SHA1:86DAB22FC165614C7D808C4AC2CC501417CFCCCE
                                                                                                                                                                                                                                                                                                          SHA-256:56036E1B5A7D2376B787B9777E323BC72FB6CD392BB6F42F55D8A6AAE78C4462
                                                                                                                                                                                                                                                                                                          SHA-512:755B0CD787613EB92AEB6AE30D669D3111D1032EE55C4F73B5980999040B7CBCB7BB051D903F762E155F0D5C40A599F9FACE25924BAC9FEABED316C5617B00F8
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:2024/11/22-07:14:09.258 12e4 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata/MANIFEST-000001.2024/11/22-07:14:09.266 12e4 Recovering log #3.2024/11/22-07:14:09.266 12e4 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata/000003.log .

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG.old (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):342
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.189975465985082
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:6:Hopyq2P923oH+TcwtfrzAdIFUt8YojQ/1Zmw+YojQpRkwO923oH+TcwtfrzILJ:eyv4Yeb9FUt8bQ9/+bQpR5LYeb2J
                                                                                                                                                                                                                                                                                                          MD5:4406A750F34CBE5AEDF3DA4F8C0E7C4E
                                                                                                                                                                                                                                                                                                          SHA1:86DAB22FC165614C7D808C4AC2CC501417CFCCCE
                                                                                                                                                                                                                                                                                                          SHA-256:56036E1B5A7D2376B787B9777E323BC72FB6CD392BB6F42F55D8A6AAE78C4462
                                                                                                                                                                                                                                                                                                          SHA-512:755B0CD787613EB92AEB6AE30D669D3111D1032EE55C4F73B5980999040B7CBCB7BB051D903F762E155F0D5C40A599F9FACE25924BAC9FEABED316C5617B00F8
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:2024/11/22-07:14:09.258 12e4 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata/MANIFEST-000001.2024/11/22-07:14:09.266 12e4 Recovering log #3.2024/11/22-07:14:09.266 12e4 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata/000003.log .

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG.old~RF41365.TMP (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):342
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.189975465985082
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:6:Hopyq2P923oH+TcwtfrzAdIFUt8YojQ/1Zmw+YojQpRkwO923oH+TcwtfrzILJ:eyv4Yeb9FUt8bQ9/+bQpR5LYeb2J
                                                                                                                                                                                                                                                                                                          MD5:4406A750F34CBE5AEDF3DA4F8C0E7C4E
                                                                                                                                                                                                                                                                                                          SHA1:86DAB22FC165614C7D808C4AC2CC501417CFCCCE
                                                                                                                                                                                                                                                                                                          SHA-256:56036E1B5A7D2376B787B9777E323BC72FB6CD392BB6F42F55D8A6AAE78C4462
                                                                                                                                                                                                                                                                                                          SHA-512:755B0CD787613EB92AEB6AE30D669D3111D1032EE55C4F73B5980999040B7CBCB7BB051D903F762E155F0D5C40A599F9FACE25924BAC9FEABED316C5617B00F8
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:2024/11/22-07:14:09.258 12e4 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata/MANIFEST-000001.2024/11/22-07:14:09.266 12e4 Recovering log #3.2024/11/22-07:14:09.266 12e4 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata/000003.log .

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG.old~RF42e01.TMP (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):342
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.189975465985082
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:6:Hopyq2P923oH+TcwtfrzAdIFUt8YojQ/1Zmw+YojQpRkwO923oH+TcwtfrzILJ:eyv4Yeb9FUt8bQ9/+bQpR5LYeb2J
                                                                                                                                                                                                                                                                                                          MD5:4406A750F34CBE5AEDF3DA4F8C0E7C4E
                                                                                                                                                                                                                                                                                                          SHA1:86DAB22FC165614C7D808C4AC2CC501417CFCCCE
                                                                                                                                                                                                                                                                                                          SHA-256:56036E1B5A7D2376B787B9777E323BC72FB6CD392BB6F42F55D8A6AAE78C4462
                                                                                                                                                                                                                                                                                                          SHA-512:755B0CD787613EB92AEB6AE30D669D3111D1032EE55C4F73B5980999040B7CBCB7BB051D903F762E155F0D5C40A599F9FACE25924BAC9FEABED316C5617B00F8
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:2024/11/22-07:14:09.258 12e4 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata/MANIFEST-000001.2024/11/22-07:14:09.266 12e4 Recovering log #3.2024/11/22-07:14:09.266 12e4 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata/000003.log .

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\webdata.db

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 11, database pages 89, cookie 0x36, schema 4, UTF-8, version-valid-for 11
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):196608
                                                                                                                                                                                                                                                                                                          Entropy (8bit):1.1285003035423482
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:384:Md2qOB1nxCkOSAELyKOMq+8yC8F/YfU5m+OlT:Tq+n0d9ELyKOMq+8y9/Ow
                                                                                                                                                                                                                                                                                                          MD5:F189F918FABE26D703E7FEB2FF32A646
                                                                                                                                                                                                                                                                                                          SHA1:15233BAC03E62B1D4594CEF157DFE30F6ED40A37
                                                                                                                                                                                                                                                                                                          SHA-256:34B05A6A866A855003D1E69D1F86E9D6D75E8CE0E600D2E7F00798022659030E
                                                                                                                                                                                                                                                                                                          SHA-512:23E8018D3B65E85800EB083C66791360EACAEE90ECDC0C7AF24DF745BA5113516C7D87720364F073879BC4025DD644FE3E59B67026E247AC63ED1B04F2F1487F
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ .......Y...........6......................................................j............W........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Browser

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):120
                                                                                                                                                                                                                                                                                                          Entropy (8bit):3.32524464792714
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:tbloIlrJFlXnpQoWcNylRjlgbYnPdJiG6R7lZAUAl:tbdlrYoWcV0n1IGi7kBl
                                                                                                                                                                                                                                                                                                          MD5:A397E5983D4A1619E36143B4D804B870
                                                                                                                                                                                                                                                                                                          SHA1:AA135A8CC2469CFD1EF2D7955F027D95BE5DFBD4
                                                                                                                                                                                                                                                                                                          SHA-256:9C70F766D3B84FC2BB298EFA37CC9191F28BEC336329CC11468CFADBC3B137F4
                                                                                                                                                                                                                                                                                                          SHA-512:4159EA654152D2810C95648694DD71957C84EA825FCCA87B36F7E3282A72B30EF741805C610C5FA847CA186E34BDE9C289AAA7B6931C5B257F1D11255CD2A816
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.).\.M.i.c.r.o.s.o.f.t.\.E.d.g.e.\.A.p.p.l.i.c.a.t.i.o.n.\.m.s.e.d.g.e...e.x.e.

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Version

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):13
                                                                                                                                                                                                                                                                                                          Entropy (8bit):2.7192945256669794
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:NYLFRQI:ap2I
                                                                                                                                                                                                                                                                                                          MD5:BF16C04B916ACE92DB941EBB1AF3CB18
                                                                                                                                                                                                                                                                                                          SHA1:FA8DAEAE881F91F61EE0EE21BE5156255429AA8A
                                                                                                                                                                                                                                                                                                          SHA-256:7FC23C9028A316EC0AC25B09B5B0D61A1D21E58DFCF84C2A5F5B529129729098
                                                                                                                                                                                                                                                                                                          SHA-512:F0B7DF5517596B38D57C57B5777E008D6229AB5B1841BBE74602C77EEA2252BF644B8650C7642BD466213F62E15CC7AB5A95B28E26D3907260ED1B96A74B65FB
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:117.0.2045.47

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):44137
                                                                                                                                                                                                                                                                                                          Entropy (8bit):6.090721683000899
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBMqwuF9hDO6vP6O+etbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynEs6Xtbz8hu3VlXr4CRo1
                                                                                                                                                                                                                                                                                                          MD5:BDB7381BCE14CE8D8F8236DA2CEBD510
                                                                                                                                                                                                                                                                                                          SHA1:2C7945ACB2F7B26B6110AFD8D69F531335E2A7BA
                                                                                                                                                                                                                                                                                                          SHA-256:2205693805698EA13CEBE250A6DF1D51516AE8F477F5C1613F3CCCF277E8232F
                                                                                                                                                                                                                                                                                                          SHA-512:D5D5998C72300B946CFA034DFFCA16FABB86F03CC39535775EDDC02CEF97644888C31B32764F0A70048E7E811AFF1F12B2DF28352A46156208EBFC0658F50385
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF3b7b8.TMP (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):44137
                                                                                                                                                                                                                                                                                                          Entropy (8bit):6.090721683000899
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBMqwuF9hDO6vP6O+etbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynEs6Xtbz8hu3VlXr4CRo1
                                                                                                                                                                                                                                                                                                          MD5:BDB7381BCE14CE8D8F8236DA2CEBD510
                                                                                                                                                                                                                                                                                                          SHA1:2C7945ACB2F7B26B6110AFD8D69F531335E2A7BA
                                                                                                                                                                                                                                                                                                          SHA-256:2205693805698EA13CEBE250A6DF1D51516AE8F477F5C1613F3CCCF277E8232F
                                                                                                                                                                                                                                                                                                          SHA-512:D5D5998C72300B946CFA034DFFCA16FABB86F03CC39535775EDDC02CEF97644888C31B32764F0A70048E7E811AFF1F12B2DF28352A46156208EBFC0658F50385
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF3c8fe.TMP (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):44137
                                                                                                                                                                                                                                                                                                          Entropy (8bit):6.090721683000899
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBMqwuF9hDO6vP6O+etbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynEs6Xtbz8hu3VlXr4CRo1
                                                                                                                                                                                                                                                                                                          MD5:BDB7381BCE14CE8D8F8236DA2CEBD510
                                                                                                                                                                                                                                                                                                          SHA1:2C7945ACB2F7B26B6110AFD8D69F531335E2A7BA
                                                                                                                                                                                                                                                                                                          SHA-256:2205693805698EA13CEBE250A6DF1D51516AE8F477F5C1613F3CCCF277E8232F
                                                                                                                                                                                                                                                                                                          SHA-512:D5D5998C72300B946CFA034DFFCA16FABB86F03CC39535775EDDC02CEF97644888C31B32764F0A70048E7E811AFF1F12B2DF28352A46156208EBFC0658F50385
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF3e04f.TMP (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):44137
                                                                                                                                                                                                                                                                                                          Entropy (8bit):6.090721683000899
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBMqwuF9hDO6vP6O+etbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynEs6Xtbz8hu3VlXr4CRo1
                                                                                                                                                                                                                                                                                                          MD5:BDB7381BCE14CE8D8F8236DA2CEBD510
                                                                                                                                                                                                                                                                                                          SHA1:2C7945ACB2F7B26B6110AFD8D69F531335E2A7BA
                                                                                                                                                                                                                                                                                                          SHA-256:2205693805698EA13CEBE250A6DF1D51516AE8F477F5C1613F3CCCF277E8232F
                                                                                                                                                                                                                                                                                                          SHA-512:D5D5998C72300B946CFA034DFFCA16FABB86F03CC39535775EDDC02CEF97644888C31B32764F0A70048E7E811AFF1F12B2DF28352A46156208EBFC0658F50385
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF3e1d5.TMP (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):44137
                                                                                                                                                                                                                                                                                                          Entropy (8bit):6.090721683000899
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBMqwuF9hDO6vP6O+etbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynEs6Xtbz8hu3VlXr4CRo1
                                                                                                                                                                                                                                                                                                          MD5:BDB7381BCE14CE8D8F8236DA2CEBD510
                                                                                                                                                                                                                                                                                                          SHA1:2C7945ACB2F7B26B6110AFD8D69F531335E2A7BA
                                                                                                                                                                                                                                                                                                          SHA-256:2205693805698EA13CEBE250A6DF1D51516AE8F477F5C1613F3CCCF277E8232F
                                                                                                                                                                                                                                                                                                          SHA-512:D5D5998C72300B946CFA034DFFCA16FABB86F03CC39535775EDDC02CEF97644888C31B32764F0A70048E7E811AFF1F12B2DF28352A46156208EBFC0658F50385
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF3f0aa.TMP (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):44137
                                                                                                                                                                                                                                                                                                          Entropy (8bit):6.090721683000899
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBMqwuF9hDO6vP6O+etbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynEs6Xtbz8hu3VlXr4CRo1
                                                                                                                                                                                                                                                                                                          MD5:BDB7381BCE14CE8D8F8236DA2CEBD510
                                                                                                                                                                                                                                                                                                          SHA1:2C7945ACB2F7B26B6110AFD8D69F531335E2A7BA
                                                                                                                                                                                                                                                                                                          SHA-256:2205693805698EA13CEBE250A6DF1D51516AE8F477F5C1613F3CCCF277E8232F
                                                                                                                                                                                                                                                                                                          SHA-512:D5D5998C72300B946CFA034DFFCA16FABB86F03CC39535775EDDC02CEF97644888C31B32764F0A70048E7E811AFF1F12B2DF28352A46156208EBFC0658F50385
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF3f492.TMP (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):44137
                                                                                                                                                                                                                                                                                                          Entropy (8bit):6.090721683000899
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBMqwuF9hDO6vP6O+etbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynEs6Xtbz8hu3VlXr4CRo1
                                                                                                                                                                                                                                                                                                          MD5:BDB7381BCE14CE8D8F8236DA2CEBD510
                                                                                                                                                                                                                                                                                                          SHA1:2C7945ACB2F7B26B6110AFD8D69F531335E2A7BA
                                                                                                                                                                                                                                                                                                          SHA-256:2205693805698EA13CEBE250A6DF1D51516AE8F477F5C1613F3CCCF277E8232F
                                                                                                                                                                                                                                                                                                          SHA-512:D5D5998C72300B946CFA034DFFCA16FABB86F03CC39535775EDDC02CEF97644888C31B32764F0A70048E7E811AFF1F12B2DF28352A46156208EBFC0658F50385
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF3f58c.TMP (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):44137
                                                                                                                                                                                                                                                                                                          Entropy (8bit):6.090721683000899
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBMqwuF9hDO6vP6O+etbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynEs6Xtbz8hu3VlXr4CRo1
                                                                                                                                                                                                                                                                                                          MD5:BDB7381BCE14CE8D8F8236DA2CEBD510
                                                                                                                                                                                                                                                                                                          SHA1:2C7945ACB2F7B26B6110AFD8D69F531335E2A7BA
                                                                                                                                                                                                                                                                                                          SHA-256:2205693805698EA13CEBE250A6DF1D51516AE8F477F5C1613F3CCCF277E8232F
                                                                                                                                                                                                                                                                                                          SHA-512:D5D5998C72300B946CFA034DFFCA16FABB86F03CC39535775EDDC02CEF97644888C31B32764F0A70048E7E811AFF1F12B2DF28352A46156208EBFC0658F50385
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF403a6.TMP (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):44137
                                                                                                                                                                                                                                                                                                          Entropy (8bit):6.090721683000899
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBMqwuF9hDO6vP6O+etbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynEs6Xtbz8hu3VlXr4CRo1
                                                                                                                                                                                                                                                                                                          MD5:BDB7381BCE14CE8D8F8236DA2CEBD510
                                                                                                                                                                                                                                                                                                          SHA1:2C7945ACB2F7B26B6110AFD8D69F531335E2A7BA
                                                                                                                                                                                                                                                                                                          SHA-256:2205693805698EA13CEBE250A6DF1D51516AE8F477F5C1613F3CCCF277E8232F
                                                                                                                                                                                                                                                                                                          SHA-512:D5D5998C72300B946CFA034DFFCA16FABB86F03CC39535775EDDC02CEF97644888C31B32764F0A70048E7E811AFF1F12B2DF28352A46156208EBFC0658F50385
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF40471.TMP (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):44137
                                                                                                                                                                                                                                                                                                          Entropy (8bit):6.090721683000899
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBMqwuF9hDO6vP6O+etbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynEs6Xtbz8hu3VlXr4CRo1
                                                                                                                                                                                                                                                                                                          MD5:BDB7381BCE14CE8D8F8236DA2CEBD510
                                                                                                                                                                                                                                                                                                          SHA1:2C7945ACB2F7B26B6110AFD8D69F531335E2A7BA
                                                                                                                                                                                                                                                                                                          SHA-256:2205693805698EA13CEBE250A6DF1D51516AE8F477F5C1613F3CCCF277E8232F
                                                                                                                                                                                                                                                                                                          SHA-512:D5D5998C72300B946CFA034DFFCA16FABB86F03CC39535775EDDC02CEF97644888C31B32764F0A70048E7E811AFF1F12B2DF28352A46156208EBFC0658F50385
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF41181.TMP (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):44137
                                                                                                                                                                                                                                                                                                          Entropy (8bit):6.090721683000899
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBMqwuF9hDO6vP6O+etbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynEs6Xtbz8hu3VlXr4CRo1
                                                                                                                                                                                                                                                                                                          MD5:BDB7381BCE14CE8D8F8236DA2CEBD510
                                                                                                                                                                                                                                                                                                          SHA1:2C7945ACB2F7B26B6110AFD8D69F531335E2A7BA
                                                                                                                                                                                                                                                                                                          SHA-256:2205693805698EA13CEBE250A6DF1D51516AE8F477F5C1613F3CCCF277E8232F
                                                                                                                                                                                                                                                                                                          SHA-512:D5D5998C72300B946CFA034DFFCA16FABB86F03CC39535775EDDC02CEF97644888C31B32764F0A70048E7E811AFF1F12B2DF28352A46156208EBFC0658F50385
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF42027.TMP (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):44137
                                                                                                                                                                                                                                                                                                          Entropy (8bit):6.090721683000899
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBMqwuF9hDO6vP6O+etbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynEs6Xtbz8hu3VlXr4CRo1
                                                                                                                                                                                                                                                                                                          MD5:BDB7381BCE14CE8D8F8236DA2CEBD510
                                                                                                                                                                                                                                                                                                          SHA1:2C7945ACB2F7B26B6110AFD8D69F531335E2A7BA
                                                                                                                                                                                                                                                                                                          SHA-256:2205693805698EA13CEBE250A6DF1D51516AE8F477F5C1613F3CCCF277E8232F
                                                                                                                                                                                                                                                                                                          SHA-512:D5D5998C72300B946CFA034DFFCA16FABB86F03CC39535775EDDC02CEF97644888C31B32764F0A70048E7E811AFF1F12B2DF28352A46156208EBFC0658F50385
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF42101.TMP (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):44137
                                                                                                                                                                                                                                                                                                          Entropy (8bit):6.090721683000899
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBMqwuF9hDO6vP6O+etbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynEs6Xtbz8hu3VlXr4CRo1
                                                                                                                                                                                                                                                                                                          MD5:BDB7381BCE14CE8D8F8236DA2CEBD510
                                                                                                                                                                                                                                                                                                          SHA1:2C7945ACB2F7B26B6110AFD8D69F531335E2A7BA
                                                                                                                                                                                                                                                                                                          SHA-256:2205693805698EA13CEBE250A6DF1D51516AE8F477F5C1613F3CCCF277E8232F
                                                                                                                                                                                                                                                                                                          SHA-512:D5D5998C72300B946CFA034DFFCA16FABB86F03CC39535775EDDC02CEF97644888C31B32764F0A70048E7E811AFF1F12B2DF28352A46156208EBFC0658F50385
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF42d36.TMP (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):44137
                                                                                                                                                                                                                                                                                                          Entropy (8bit):6.090721683000899
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBMqwuF9hDO6vP6O+etbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynEs6Xtbz8hu3VlXr4CRo1
                                                                                                                                                                                                                                                                                                          MD5:BDB7381BCE14CE8D8F8236DA2CEBD510
                                                                                                                                                                                                                                                                                                          SHA1:2C7945ACB2F7B26B6110AFD8D69F531335E2A7BA
                                                                                                                                                                                                                                                                                                          SHA-256:2205693805698EA13CEBE250A6DF1D51516AE8F477F5C1613F3CCCF277E8232F
                                                                                                                                                                                                                                                                                                          SHA-512:D5D5998C72300B946CFA034DFFCA16FABB86F03CC39535775EDDC02CEF97644888C31B32764F0A70048E7E811AFF1F12B2DF28352A46156208EBFC0658F50385
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF453aa.TMP (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):44137
                                                                                                                                                                                                                                                                                                          Entropy (8bit):6.090721683000899
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBMqwuF9hDO6vP6O+etbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynEs6Xtbz8hu3VlXr4CRo1
                                                                                                                                                                                                                                                                                                          MD5:BDB7381BCE14CE8D8F8236DA2CEBD510
                                                                                                                                                                                                                                                                                                          SHA1:2C7945ACB2F7B26B6110AFD8D69F531335E2A7BA
                                                                                                                                                                                                                                                                                                          SHA-256:2205693805698EA13CEBE250A6DF1D51516AE8F477F5C1613F3CCCF277E8232F
                                                                                                                                                                                                                                                                                                          SHA-512:D5D5998C72300B946CFA034DFFCA16FABB86F03CC39535775EDDC02CEF97644888C31B32764F0A70048E7E811AFF1F12B2DF28352A46156208EBFC0658F50385
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF490c3.TMP (copy)

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):44137
                                                                                                                                                                                                                                                                                                          Entropy (8bit):6.090721683000899
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBMqwuF9hDO6vP6O+etbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynEs6Xtbz8hu3VlXr4CRo1
                                                                                                                                                                                                                                                                                                          MD5:BDB7381BCE14CE8D8F8236DA2CEBD510
                                                                                                                                                                                                                                                                                                          SHA1:2C7945ACB2F7B26B6110AFD8D69F531335E2A7BA
                                                                                                                                                                                                                                                                                                          SHA-256:2205693805698EA13CEBE250A6DF1D51516AE8F477F5C1613F3CCCF277E8232F
                                                                                                                                                                                                                                                                                                          SHA-512:D5D5998C72300B946CFA034DFFCA16FABB86F03CC39535775EDDC02CEF97644888C31B32764F0A70048E7E811AFF1F12B2DF28352A46156208EBFC0658F50385
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Nurturing\campaign_history

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 6
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):20480
                                                                                                                                                                                                                                                                                                          Entropy (8bit):0.6773696719930975
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:12:TLpUAFUxOUDaabZXiDiIF8izX4fhhdWeci2oesJaYi3islRud6zcQAJmdngzQdoO:TLiOUOq0afDdWec9sJhOs3fsuZ7J5fc
                                                                                                                                                                                                                                                                                                          MD5:6FFCCB198DC6B17E165460E6E246B03C
                                                                                                                                                                                                                                                                                                          SHA1:014A46B0E6E84089E1C20FA232F54CA737D5F023
                                                                                                                                                                                                                                                                                                          SHA-256:D1B2EC8C9906C3418837FFB8E116AA59C026DE2D67B2AFDA956F14D0DC3851AF
                                                                                                                                                                                                                                                                                                          SHA-512:846AE3D0A49A14BF82203A0FEDAD6E794F7E68C22A40EE0E014FEA99DFC676FAE4AFEB2C56F324E4361E83A35458C63E2ABAA7B28B6D23B20FA29EF47CBE87B3
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\customSettings

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):47
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.3818353308528755
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:2jRo6jhM6ceYcUtS2djIn:5I2uxUt5Mn
                                                                                                                                                                                                                                                                                                          MD5:48324111147DECC23AC222A361873FC5
                                                                                                                                                                                                                                                                                                          SHA1:0DF8B2267ABBDBD11C422D23338262E3131A4223
                                                                                                                                                                                                                                                                                                          SHA-256:D8D672F953E823063955BD9981532FC3453800C2E74C0CC3653D091088ABD3B3
                                                                                                                                                                                                                                                                                                          SHA-512:E3B5DB7BA5E4E3DE3741F53D91B6B61D6EB9ECC8F4C07B6AE1C2293517F331B716114BAB41D7935888A266F7EBDA6FABA90023EFFEC850A929986053853F1E02
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:customSettings_F95BA787499AB4FA9EFFF472CE383A14

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\customSettings_F95BA787499AB4FA9EFFF472CE383A14

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):35
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.014438730983427
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:YDMGA2ADH/AYKEqsYq:YQXT/bKE1F
                                                                                                                                                                                                                                                                                                          MD5:BB57A76019EADEDC27F04EB2FB1F1841
                                                                                                                                                                                                                                                                                                          SHA1:8B41A1B995D45B7A74A365B6B1F1F21F72F86760
                                                                                                                                                                                                                                                                                                          SHA-256:2BAE8302F9BD2D87AE26ACF692663DF1639B8E2068157451DA4773BD8BD30A2B
                                                                                                                                                                                                                                                                                                          SHA-512:A455D7F8E0BE9A27CFB7BE8FE0B0E722B35B4C8F206CAD99064473F15700023D5995CC2C4FAFDB8FBB50F0BAB3EC8B241E9A512C0766AAAE1A86C3472C589FFD
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{"forceServiceDetermination":false}

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\edgeSettings

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):81
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.3439888556902035
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:kDnaV6bVsFUIMf1HDOWg3djTHXoSWDSQ97P:kDYaoUIe1HDM3oskP
                                                                                                                                                                                                                                                                                                          MD5:177F4D75F4FEE84EF08C507C3476C0D2
                                                                                                                                                                                                                                                                                                          SHA1:08E17AEB4D4066AC034207420F1F73DD8BE3FAA0
                                                                                                                                                                                                                                                                                                          SHA-256:21EE7A30C2409E0041CDA6C04EEE72688EB92FE995DC94487FF93AD32BD8F849
                                                                                                                                                                                                                                                                                                          SHA-512:94FC142B3CC4844BF2C0A72BCE57363C554356C799F6E581AA3012E48375F02ABD820076A8C2902A3C6BE6AC4D8FA8D4F010D4FF261327E878AF5E5EE31038FB
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):130439
                                                                                                                                                                                                                                                                                                          Entropy (8bit):3.80180718117079
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:1536:RlIyFAMrwvaGbyLWzDr6PDofI8vsUnPRLz+PMh:weWGP7Eh
                                                                                                                                                                                                                                                                                                          MD5:EB75CEFFE37E6DF9C171EE8380439EDA
                                                                                                                                                                                                                                                                                                          SHA1:F00119BA869133D64E4F7F0181161BD47968FA23
                                                                                                                                                                                                                                                                                                          SHA-256:48B11410DC937A1723BF4C5AD33ECDB286D8EC69544241BC373F753E64B396C1
                                                                                                                                                                                                                                                                                                          SHA-512:044C5113D877CE2E3B42CF07670620937ED7BE2D8B3BF2BAB085C43EF4F64598A7AC56328DDBBE7F0F3CFB9EA49D38CA332BB4ECBFEDBE24AE53B14334A30C8E
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{.. "geoidMaps": {.. "au": "https://australia.smartscreen.microsoft.com/",.. "ch": "https://switzerland.smartscreen.microsoft.com/",.. "eu": "https://europe.smartscreen.microsoft.com/",.. "ffl4": "https://unitedstates1.ss.wd.microsoft.us/",.. "ffl4mod": "https://unitedstates4.ss.wd.microsoft.us/",.. "ffl5": "https://unitedstates2.ss.wd.microsoft.us/",.. "in": "https://india.smartscreen.microsoft.com/",.. "test": "https://eu-9.smartscreen.microsoft.com/",.. "uk": "https://unitedkingdom.smartscreen.microsoft.com/",.. "us": "https://unitedstates.smartscreen.microsoft.com/",.. "gw_au": "https://australia.smartscreen.microsoft.com/",.. "gw_ch": "https://switzerland.smartscreen.microsoft.com/",.. "gw_eu": "https://europe.smartscreen.microsoft.com/",.. "gw_ffl4": "https://unitedstates1.ss.wd.microsoft.us/",.. "gw_ffl4mod": "https://unitedstates4.ss.wd.microsoft.us/",.. "gw_ffl5": "https://unitedstates2.ss.wd.microsoft.us/",.. "gw_in": "https

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\synchronousLookupUris

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):40
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.346439344671015
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:kfKbUPVXXMVQX:kygV5
                                                                                                                                                                                                                                                                                                          MD5:6A3A60A3F78299444AACAA89710A64B6
                                                                                                                                                                                                                                                                                                          SHA1:2A052BF5CF54F980475085EEF459D94C3CE5EF55
                                                                                                                                                                                                                                                                                                          SHA-256:61597278D681774EFD8EB92F5836EB6362975A74CEF807CE548E50A7EC38E11F
                                                                                                                                                                                                                                                                                                          SHA-512:C5D0419869A43D712B29A5A11DC590690B5876D1D95C1F1380C2F773CA0CB07B173474EE16FE66A6AF633B04CC84E58924A62F00DCC171B2656D554864BF57A4
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:synchronousLookupUris_638343870221005468

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\synchronousLookupUris_638343870221005468

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):57
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.556488479039065
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:GSCIPPlzYxi21goD:bCWBYx99D
                                                                                                                                                                                                                                                                                                          MD5:3A05EAEA94307F8C57BAC69C3DF64E59
                                                                                                                                                                                                                                                                                                          SHA1:9B852B902B72B9D5F7B9158E306E1A2C5F6112C8
                                                                                                                                                                                                                                                                                                          SHA-256:A8EF112DF7DAD4B09AAA48C3E53272A2EEC139E86590FD80E2B7CBD23D14C09E
                                                                                                                                                                                                                                                                                                          SHA-512:6080AEF2339031FAFDCFB00D3179285E09B707A846FD2EA03921467DF5930B3F9C629D37400D625A8571B900BC46021047770BAC238F6BAC544B48FB3D522FB0
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:9.......murmur3.............,M.h...Z...8.\..<&Li.H..[.?m

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):29
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.030394788231021
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:0xXeZUSXkcVn:0Re5kcV
                                                                                                                                                                                                                                                                                                          MD5:52E2839549E67CE774547C9F07740500
                                                                                                                                                                                                                                                                                                          SHA1:B172E16D7756483DF0CA0A8D4F7640DD5D557201
                                                                                                                                                                                                                                                                                                          SHA-256:F81B7B9CE24F5A2B94182E817037B5F1089DC764BC7E55A9B0A6227A7E121F32
                                                                                                                                                                                                                                                                                                          SHA-512:D80E7351E4D83463255C002D3FDCE7E5274177C24C4C728D7B7932D0BE3EBCFEB68E1E65697ED5E162E1B423BB8CDFA0864981C4B466D6AD8B5E724D84B4203B
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:topTraffic_638004170464094982

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic_170540185939602997400506234197983529371

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):575056
                                                                                                                                                                                                                                                                                                          Entropy (8bit):7.999649474060713
                                                                                                                                                                                                                                                                                                          Encrypted:true
                                                                                                                                                                                                                                                                                                          SSDEEP:12288:fXdhUG0PlM/EXEBQlbk19RrH76Im4u8C1jJodha:Ji80e9Rb7Tm4u8CnR
                                                                                                                                                                                                                                                                                                          MD5:BE5D1A12C1644421F877787F8E76642D
                                                                                                                                                                                                                                                                                                          SHA1:06C46A95B4BD5E145E015FA7E358A2D1AC52C809
                                                                                                                                                                                                                                                                                                          SHA-256:C1CE928FBEF4EF5A4207ABAFD9AB6382CC29D11DDECC215314B0522749EF6A5A
                                                                                                                                                                                                                                                                                                          SHA-512:FD5B100E2F192164B77F4140ADF6DE0322F34D7B6F0CF14AED91BACAB18BB8F195F161F7CF8FB10651122A598CE474AC4DC39EDF47B6A85C90C854C2A3170960
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:...._+jE.`..}....S..1....G}s..E....y".Wh.^.W.H...-...#.A...KR...9b........>k......bU.IVo...D......Y..[l.yx.......'c=..I0.....E.d...-...1 ....m../C...OQ.........qW..<:N.....38.u..X-..s....<..U.,Mi..._.......`.Y/.........^..,.E..........j@..G8..N.... ..Ea...4.+.79k.!T.-5W..!..@+..!.P..LDG.....V."....L.... .(#..$..&......C.....%A.T}....K_.S..'Q.".d....s....(j.D!......Ov..)*d0)."(..%..-..G..L.}....i.....m9;.....t.w..0....f?..-..M.c.3.....N7K.T..D>.3.x...z..u$5!..4..T.....U.O^L{.5..=E..'..;.}(|.6.:..f!.>...?M.8......P.D.J.I4.<...*.y.E....>....i%.6..Y.@..n.....M..r..C.f.;..<..0.H...F....h.......HB1]1....u..:...H..k....B.Q..J...@}j~.#...'Y.J~....I...ub.&..L[z..1.W/.Ck....M.......[.......N.F..z*.{nZ~d.V.4.u.K.V.......X.<p..cz..>*....X...W..da3(..g..Z$.L4.j=~.p.l.\.[e.&&.Y ...U)..._.^r0.,.{_......`S..[....(.\..p.bt.g..%.$+....f.....d....Im..f...W ......G..i_8a..ae..7....pS.....z-H..A.s.4.3..O.r.....u.S......a.}..v.-/..... ...a.x#./:...sS&U.().xL...pg

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic_638004170464094982

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:raw G3 (Group 3) FAX, byte-padded
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):460992
                                                                                                                                                                                                                                                                                                          Entropy (8bit):7.999625908035124
                                                                                                                                                                                                                                                                                                          Encrypted:true
                                                                                                                                                                                                                                                                                                          SSDEEP:12288:KaRwcD8XXTZGZJHXBjOVX3xFttENr4+3eGPnKvJWXrydqb:KaR5oZ2MBFt8r4+3eG/URdqb
                                                                                                                                                                                                                                                                                                          MD5:E9C502DB957CDB977E7F5745B34C32E6
                                                                                                                                                                                                                                                                                                          SHA1:DBD72B0D3F46FA35A9FE2527C25271AEC08E3933
                                                                                                                                                                                                                                                                                                          SHA-256:5A6B49358772DB0B5C682575F02E8630083568542B984D6D00727740506569D4
                                                                                                                                                                                                                                                                                                          SHA-512:B846E682427CF144A440619258F5AA5C94CAEE7612127A60E4BD3C712F8FF614DA232D9A488E27FC2B0D53FD6ACF05409958AEA3B21EA2C1127821BD8E87A5CA
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:...2lI.5.<C.;.{....._+jE.`..}....-...#.A...KR...l.M0,s...).9..........x.......F.b......jU....y.h'....L<...*..Z..*%.*..._...g.4yu...........'c=..I0..........qW..<:N....<..U.,Mi..._......'(..U.9.!........u....7...4. ..Ea...4.+.79k.!T.-5W..!..@+..$..t|1.E..7F...+..xf....z&_Q...-.B...)8R.c....0.......B.M.Z...0....&v..<..H...3.....N7K.T..D>.8......P.D.J.I4.B.H.VHy...@.Wc.Cl..6aD..j.....E..*4..mI..X]2.GH.G.L...E.F.=.J...@}j~.#...'Y.L[z..1.W/.Ck....L..X........J.NYd........>...N.F..z*.{nZ~d.N..../..6.\L...Q...+.w..p...>.S.iG...0]..8....S..)`B#.v..^.*.T.?...Z.rz.D'.!.T.w....S..8....V.4.u.K.V.......W.6s...Y.).[.c.X.S..........5.X7F...tQ....z.L.X..(3#j...8...i.[..j$.Q....0...]"W.c.H..n..2Te.ak...c..-F(..W2.b....3.]......c.d|.../....._...f.....d....Im..g.b..R.q.<x*x...i2..r.I()Iat..b.j.r@K.+5..C.....nJ.>*P,.V@.....s.4.3..O.r.....smd7...L.....].u&1../t.*.......uXb...=@.....wv......]....#.{$.w......i.....|.....?....E7...}$+..t).E.U..Q..~.`.)..Y@.6.h.......%(

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\uriCache

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):9
                                                                                                                                                                                                                                                                                                          Entropy (8bit):3.169925001442312
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:CMzOn:CM6
                                                                                                                                                                                                                                                                                                          MD5:B6F7A6B03164D4BF8E3531A5CF721D30
                                                                                                                                                                                                                                                                                                          SHA1:A2134120D4712C7C629CDCEEF9DE6D6E48CA13FA
                                                                                                                                                                                                                                                                                                          SHA-256:3D6F3F8F1456D7CE78DD9DFA8187318B38E731A658E513F561EE178766E74D39
                                                                                                                                                                                                                                                                                                          SHA-512:4B473F45A5D45D420483EA1D9E93047794884F26781BBFE5370A554D260E80AD462E7EEB74D16025774935C3A80CBB2FD1293941EE3D7B64045B791B365F2B63
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:uriCache_

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\uriCache_

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):179
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.019926012865461
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:YTyLSmafBoTfIeRDHtDozRLuLgfGBkGAeekVy8HfzXNPIAclXVd2Uy:YWLSGTt1o9LuLgfGBPAzkVj/T8lC
                                                                                                                                                                                                                                                                                                          MD5:923C805B929C4B0443D3CF4843539236
                                                                                                                                                                                                                                                                                                          SHA1:41148BD1EE53F49A0CD1F0807FB7FC037F2C9EF7
                                                                                                                                                                                                                                                                                                          SHA-256:DD1CBEEB4CBD0BCE9194C08C8CA6233C0A4A564642E5FD91D564B90696D4D695
                                                                                                                                                                                                                                                                                                          SHA-512:48E5F16B3F3C04FC6E4E3607BE9262E6CFA2F901E31483F656E86A6A6E7170476835E20F1476E17A5AF13708E69019F0EB7D44C5E21730CE6739B38FCFC97E7E
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{"version":1,"cache_data":[{"file_hash":"da2d278eafa98c1f","server_context":"1;f94c025f-7523-6972-b613-ce2c246c55ce;unkn:100;0.01","result":1,"expiration_time":1732378453556554}]}

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Variations

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):86
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.3751917412896075
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:YQ3JYq9xSs0dMEJAELJ2rjozQ8:YQ3Kq9X0dMgAEwjq
                                                                                                                                                                                                                                                                                                          MD5:6E1AF7D7074A6124EFDB62180565A385
                                                                                                                                                                                                                                                                                                          SHA1:26540F41116CE9F9F452F7831FFB7B59420FA812
                                                                                                                                                                                                                                                                                                          SHA-256:70811DE44C337675FCFFDA381E8AB2FB66544B07FFCAE651804B75EF71C11748
                                                                                                                                                                                                                                                                                                          SHA-512:14DAFD9D2DD1F2EA77747D6FAFE82D44C3F91EE1C466BD6A3049FD71C45E601386AC2F8A79A796B1BCCCAAD41169F5DFFA0E94ABECB9F5D0570AA65F0AF38B47
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{"user_experience_metrics.stability.exited_cleanly":false,"variations_crash_streak":6}

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\a47f3535-01ff-420a-a627-05a0d6068bc0.tmp

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):38380
                                                                                                                                                                                                                                                                                                          Entropy (8bit):6.0711165746726
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:768:mMkbJrT8IeQc5d95N5RuIhDO6vP6ODS6ssfTKcnS0X29fLbCAoD:mMk1rT8H195N26jS6sQ29LbRoD
                                                                                                                                                                                                                                                                                                          MD5:A43B1C9EB41CA808FC43A6452A97889F
                                                                                                                                                                                                                                                                                                          SHA1:79916308E2A8805F1C5C172A5F98536CD5965953
                                                                                                                                                                                                                                                                                                          SHA-256:B8D546B49120A414946B1B3C9815476B2817DAF75AEF838E218F341A659B8A16
                                                                                                                                                                                                                                                                                                          SHA-512:9F7355B1DAC47E060D1BE96EF5C150027CABFBCB4F26A9301ED662E03F7EB071572330C8BD5CFE7F7599514026FEC89BEF1BEDE1187652EF5457852C1CC69C1B
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"5E25271B8190D943537AD3FDB50874FC133E8B4A00380E2A6A888D63386F728B\"","browser":{"browser_build_version":"117.0.2045.47","browser_version_of_last_seen_whats_new":"117.0.2045.47","last_seen_whats_new_page_version":"117.0.2045.47"},"desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL1dWZPktpH+KxP9ZDtU6GMujfykHY9txVpHyHIoYh2ODhBEkWiCAAdHVbEc/u+bCVb1dE8RqEqOdh806mbzw8VEXshM/PuKb27vha2luF9LHqKT96KVoru3G+mcquXVN/++4sOgleBBWeOvvvnn4YGs7wcLz8erb65+HMKPMVx9dVXbnisDT4wMa612TNj+6j9fUSA+xFpZPyH/9dVVQig59Wx4L5+Cwzjg799ubt/jJP48zeE9TuHwDjYBc/Ew+Ktvbv/z1ZWoe+rsjB4/7Abr5U+ajz9LXo9Px+21Mk1hoo/oX6HHjTLyKTjYyMJmCbLnO/hZMpjFAjSvxOIhbxgi5FK85m+ZCkuQu7UyKoxLO97yIFoYvbAluiw2oRoYgIQ2nG2AqJY2U+koRXQbbMm3fMsEX9JMK3GLbeAvNjhrlo5GOJiTA/oXLTdG6qXtmMBDiyS59PvY7eCklyb4QcfFi7tpdwu3VBt1XNorvM4+RiU6+CjD0kb+pHz7rRm3rXSyzABnWdKBG+Ijlx7hEE4QTzo+AB6fnDLLJBpo7PKv8Ob367/KjUg

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\bb4e8691-6f3e-4ad1-bcee-9b5dad8912d7.tmp

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):44137
                                                                                                                                                                                                                                                                                                          Entropy (8bit):6.090721683000899
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBMqwuF9hDO6vP6O+etbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynEs6Xtbz8hu3VlXr4CRo1
                                                                                                                                                                                                                                                                                                          MD5:BDB7381BCE14CE8D8F8236DA2CEBD510
                                                                                                                                                                                                                                                                                                          SHA1:2C7945ACB2F7B26B6110AFD8D69F531335E2A7BA
                                                                                                                                                                                                                                                                                                          SHA-256:2205693805698EA13CEBE250A6DF1D51516AE8F477F5C1613F3CCCF277E8232F
                                                                                                                                                                                                                                                                                                          SHA-512:D5D5998C72300B946CFA034DFFCA16FABB86F03CC39535775EDDC02CEF97644888C31B32764F0A70048E7E811AFF1F12B2DF28352A46156208EBFC0658F50385
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\c302698c-93a9-436b-9f5a-577674e4cb2e.tmp

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):38333
                                                                                                                                                                                                                                                                                                          Entropy (8bit):6.0714886257144975
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:768:mMkbJrT8IeQc5d95N7RuIhDO6vP6ODS6ssfTKcnS0X29fLbCAoD:mMk1rT8H195Ns6jS6sQ29LbRoD
                                                                                                                                                                                                                                                                                                          MD5:0CEA0E24D1304448ED51E18E01C64D2B
                                                                                                                                                                                                                                                                                                          SHA1:EBDD90707582A3803F33A85F45A27391EB9BDA6B
                                                                                                                                                                                                                                                                                                          SHA-256:9BDAD7BDED66AB93D917B282920AEA493BB9D058164E5AB7DE30CE2CA71EAE9E
                                                                                                                                                                                                                                                                                                          SHA-512:076F6A46C8260E7D189615E51AE129F9DDFCDDBE7EA69D4384D19419F0832B69B76AAEABC251716116E926F41DAAA3104BEB49A14C1D0B1B56D6AAFC105995F2
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"5E25271B8190D943537AD3FDB50874FC133E8B4A00380E2A6A888D63386F728B\"","browser":{"browser_build_version":"117.0.2045.47","browser_version_of_last_seen_whats_new":"117.0.2045.47","last_seen_whats_new_page_version":"117.0.2045.47"},"desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL1dWZPktpH+KxP9ZDtU6GMujfykHY9txVpHyHIoYh2ODhBEkWiCAAdHVbEc/u+bCVb1dE8RqEqOdh806mbzw8VEXshM/PuKb27vha2luF9LHqKT96KVoru3G+mcquXVN/++4sOgleBBWeOvvvnn4YGs7wcLz8erb65+HMKPMVx9dVXbnisDT4wMa612TNj+6j9fUSA+xFpZPyH/9dVVQig59Wx4L5+Cwzjg799ubt/jJP48zeE9TuHwDjYBc/Ew+Ktvbv/z1ZWoe+rsjB4/7Abr5U+ajz9LXo9Px+21Mk1hoo/oX6HHjTLyKTjYyMJmCbLnO/hZMpjFAjSvxOIhbxgi5FK85m+ZCkuQu7UyKoxLO97yIFoYvbAluiw2oRoYgIQ2nG2AqJY2U+koRXQbbMm3fMsEX9JMK3GLbeAvNjhrlo5GOJiTA/oXLTdG6qXtmMBDiyS59PvY7eCklyb4QcfFi7tpdwu3VBt1XNorvM4+RiU6+CjD0kb+pHz7rRm3rXSyzABnWdKBG+Ijlx7hEE4QTzo+AB6fnDLLJBpo7PKv8Ob367/KjUg

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\c85b2086-5da8-4de1-aa0b-4a8e755f43eb.tmp

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):48065
                                                                                                                                                                                                                                                                                                          Entropy (8bit):6.100357985150036
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4xkBKwurhDO6vP6ODS6ssfTKcnS0XcGoup1Xl3jVzXr1:z/Ps+wsI7yOEh6jS6sQchu3VlXr4CRoO
                                                                                                                                                                                                                                                                                                          MD5:D7B09345CEF3DB8F00CCC04882BBDA48
                                                                                                                                                                                                                                                                                                          SHA1:CD03106F37D9EBA44F2AB10CBB08672CC5210D62
                                                                                                                                                                                                                                                                                                          SHA-256:33191E599151AE44D096FE8B66A20E5FFA586832490199C7F0B7F8A62664B2EF
                                                                                                                                                                                                                                                                                                          SHA-512:3F8EE343456109D4A7FED1247F8A9DE0F9BFCE2FE701B7C08BFF5C13C705897C24D2A55BFB1A9B0ABF3249F4682107D021CA6BCF362C81E31947B95A905D3F50
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\fe7dde52-c168-4b6c-823e-f8528ec0251c.tmp

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):47193
                                                                                                                                                                                                                                                                                                          Entropy (8bit):6.099147530243177
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4xkBKwurhDO6vP6ODS6ssfTWC0XcGoup1Xl3jVzXr4Co:z/Ps+wsI7yOEh6jS6sLchu3VlXr4CRon
                                                                                                                                                                                                                                                                                                          MD5:2F5A06C2671BF8D0859DD66D350F450E
                                                                                                                                                                                                                                                                                                          SHA1:E57314DBAC7514BCA3F8688DBECB63BBD1C606B0
                                                                                                                                                                                                                                                                                                          SHA-256:FB39623F723EF69A95398143FFCC3F52AA97B7B90198A7F1D25A06D91ADD7D7D
                                                                                                                                                                                                                                                                                                          SHA-512:2B9DC0511831F67E37E1CBCA7080930AB910DFD4D36093B75FAA7030764028759F98E94CF9CB67F2D4CE97267B7AFE5D8F561154DF3D7100A83AE012FCFD8BA8
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):2278
                                                                                                                                                                                                                                                                                                          Entropy (8bit):3.8525263331402324
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:48:uiTrlKxrgxuxl9Il8uToJ0MDPap/GDZZvuoItT/pid1rc:mvYeJ0MDPNDZZvPATX
                                                                                                                                                                                                                                                                                                          MD5:E149AF3748F8456BC251795FCC47A046
                                                                                                                                                                                                                                                                                                          SHA1:D56E02EDD6C34F747E54585F98316EA12F834635
                                                                                                                                                                                                                                                                                                          SHA-256:9C2FB4967D3D7179AAAE5E564A70B98191227A89C11AAF5DAFDFCDB25789B8A4
                                                                                                                                                                                                                                                                                                          SHA-512:F96DE6BB68F8B87E67FAB789C8DB3F3636D21DD18EA1F3D9663ABE84486C00E9EC10C3F02098B659CE320F5C124BB3C132A7E09350186FADE4A0932562F6EEBF
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{.".T.B.D.a.t.a.S.t.o.r.e.O.b.j.e.c.t.".:.{.".H.e.a.d.e.r.".:.{.".O.b.j.e.c.t.T.y.p.e.".:.".T.o.k.e.n.R.e.s.p.o.n.s.e.".,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.a.j.o.r.".:.2.,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.i.n.o.r.".:.1.}.,.".O.b.j.e.c.t.D.a.t.a.".:.{.".S.y.s.t.e.m.D.e.f.i.n.e.d.P.r.o.p.e.r.t.i.e.s.".:.{.".R.e.q.u.e.s.t.I.n.d.e.x.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".W.i.p.w.W.M.+.N.H.l.b.C.D.m.s.Z.p.8.S.O.s.j.h.t.F.B.s.=.".}.,.".E.x.p.i.r.a.t.i.o.n.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".A.P.R.R.W.+.A.8.2.w.E.=.".}.,.".S.t.a.t.u.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".A.A.A.A.A.A.=.=.".}.,.".R.e.s.p.o.n.s.e.B.y.t.e.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.t.r.u.e.,.".V.a.l.u.e.".:.".A.Q.A.A.A.N.C.M.n.d.8.B.F.d.E.R.j.H.o.A.w.E./.C.l.+.s.B.A.A.A.A.L.A.6.p.Y.u.

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\cf7513a936f7effbb38627e56f8d1fce10eb12cc.tbres

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):4622
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.0048915204821585
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:96:xYQhGNZXEKWZdaovPdBO0rhnsA5INkkozB+y+v:xnhUErG47O0VnsA5Buv
                                                                                                                                                                                                                                                                                                          MD5:27BCC507B3E6346F0A2D9A9533E954F1
                                                                                                                                                                                                                                                                                                          SHA1:73153C59CFED3C4F3F8B2BE05BA36C52AA4D683B
                                                                                                                                                                                                                                                                                                          SHA-256:A41A6FC2810108D95BF50003D15933ECA428547559FCB28A7E9B3D3EE37B2F76
                                                                                                                                                                                                                                                                                                          SHA-512:1C2D795FF3E84B299C4F3EC93583826523F9E674C3ADEC93E9791030EDB812B6CF40D18D526A6FD53AFA1FC354182F1CBCC2E8A3FE6A02F79E1F61704D091135
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{.".T.B.D.a.t.a.S.t.o.r.e.O.b.j.e.c.t.".:.{.".H.e.a.d.e.r.".:.{.".O.b.j.e.c.t.T.y.p.e.".:.".T.o.k.e.n.R.e.s.p.o.n.s.e.".,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.a.j.o.r.".:.2.,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.i.n.o.r.".:.1.}.,.".O.b.j.e.c.t.D.a.t.a.".:.{.".S.y.s.t.e.m.D.e.f.i.n.e.d.P.r.o.p.e.r.t.i.e.s.".:.{.".R.e.q.u.e.s.t.I.n.d.e.x.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".z.3.U.T.q.T.b.3.7./.u.z.h.i.f.l.b.4.0.f.z.h.D.r.E.s.w.=.".}.,.".E.x.p.i.r.a.t.i.o.n.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".4.E.7.G.Q.d.g.8.2.w.E.=.".}.,.".S.t.a.t.u.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".A.w.A.A.A.A.=.=.".}.,.".R.e.s.p.o.n.s.e.B.y.t.e.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.t.r.u.e.,.".V.a.l.u.e.".:.".A.Q.A.A.A.N.C.M.n.d.8.B.F.d.E.R.j.H.o.A.w.E./.C.l.+.s.B.A.A.A.A.L.A.6.p.Y.u.

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\e8ddd4cbd9c0504aace6ef7a13fa20d04fd52408.tbres

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):2684
                                                                                                                                                                                                                                                                                                          Entropy (8bit):3.8945192128826513
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:48:uiTrlKx68Wa7xyxl9Il8uTOtOf0ChEj205kkpJFn9CRsr2zhLd/vc:aAYmi+kqJN9CmKzh2
                                                                                                                                                                                                                                                                                                          MD5:CA5005135B8CEE5132489D4DC291393E
                                                                                                                                                                                                                                                                                                          SHA1:6B3CA374CA55CF700F54393476F303343C01632A
                                                                                                                                                                                                                                                                                                          SHA-256:4C835D2046B843725CF53879513E5D7C00AFBD0257753B0F22CF3DEDBE352F52
                                                                                                                                                                                                                                                                                                          SHA-512:FC0F81889A2EFFE6673D87A993BD082124622E74A6C72EFDA5F9C22CFFD823B538507D3B0CFEA4067E3ADD3F6A206CD9201B64233E887209D8976705DED7D318
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{.".T.B.D.a.t.a.S.t.o.r.e.O.b.j.e.c.t.".:.{.".H.e.a.d.e.r.".:.{.".O.b.j.e.c.t.T.y.p.e.".:.".T.o.k.e.n.R.e.s.p.o.n.s.e.".,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.a.j.o.r.".:.2.,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.i.n.o.r.".:.1.}.,.".O.b.j.e.c.t.D.a.t.a.".:.{.".S.y.s.t.e.m.D.e.f.i.n.e.d.P.r.o.p.e.r.t.i.e.s.".:.{.".R.e.q.u.e.s.t.I.n.d.e.x.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".6.N.3.U.y.9.n.A.U.E.q.s.5.u.9.6.E./.o.g.0.E./.V.J.A.g.=.".}.,.".E.x.p.i.r.a.t.i.o.n.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".+.t.f.J.c.q.l.b.3.A.E.=.".}.,.".S.t.a.t.u.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".A.A.A.A.A.A.=.=.".}.,.".R.e.s.p.o.n.s.e.B.y.t.e.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.t.r.u.e.,.".V.a.l.u.e.".:.".A.Q.A.A.A.N.C.M.n.d.8.B.F.d.E.R.j.H.o.A.w.E./.C.l.+.s.B.A.A.A.A.L.A.6.p.Y.u.

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\28931b2f-217e-4b62-a74d-53d5356dfce4.tmp

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:Google Chrome extension, version 3
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):11185
                                                                                                                                                                                                                                                                                                          Entropy (8bit):7.951995436832936
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:192:YEKh1jNlwQbamjq6Bcykrs3kAVg55GzVQM5F+XwsxNv7/lsoltBq0WG4ZeJTmrRb:fKT/BAzA05Gn5F+XV7NNltrWG4kJTm1b
                                                                                                                                                                                                                                                                                                          MD5:78E47DDA17341BED7BE45DCCFD89AC87
                                                                                                                                                                                                                                                                                                          SHA1:1AFDE30E46997452D11E4A2ADBBF35CCE7A1404F
                                                                                                                                                                                                                                                                                                          SHA-256:67D161098BE68CD24FEBC0C7B48F515F199DDA72F20AE3BBB97FCF2542BB0550
                                                                                                                                                                                                                                                                                                          SHA-512:9574A66D3756540479DC955C4057144283E09CAE11CE11EBCE801053BB48E536E67DC823B91895A9E3EE8D3CB27C065D5E9030C39A26CBF3F201348385B418A5
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:Cr24..............0.."0...*.H.............0.........N.......E#......9e.u.q...VYY..@.+.C..k.O..bK.`..6.G..%.....3Z...e _.6....F..1p..K.Z......./ .3...OT..`..0...Y...FT..43.th.y...}....p.L...2S.&i.`..o...f.oH.....N..:..ijT.3.F{.0.,.f?'f.CQt;b_"Pc.. ..~S.I.c.8Z.;.....{G.a......k...>.`.o..%.$>;.....g.............jg?.R..@.:..........&..{...x@.Py..;kT....%F".S..w...N....9...A..@X.t!i.@..1;......1E..X.....[.~$....J......;=T.;)k..Y...$......S......M.P..P..>..=..u.....2p...w.9..1qw.a\A..Vj .C.....A..Cf1.r6.A...L. _m...[..l.Wr_../.. .B..9!.!+..ZG.K.......0.."0...*.H.............0.........^SUd%Q.L].......Cl2o...\[.....'*...;R=....N.C5....d. .....J.C>u.kr..Y..syJC.XS.q..E.n?....(G.5..)2.G..!.M.SS.{..U....!.EE..M[.#qs.A.1...g)nQ.c..G....Bd..7... .O.BI..KXQ..4.d.K.0......g.....-p....Z.E{...M&.~n.TE7..{0....5.#.C+3.y)pd9.e.........@..3.9..B.....I....2nX........2.?.~..S....]G.N.....Lr.O.Ve....9..D1.G..W)...P.?=.#..7.R.lz..a.wX.e..h.h.~....v..RP.@X....d.G

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\73b682e6-d5cf-4098-a018-00f538f9f1b9.tmp

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:very short file (no magic)
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):1
                                                                                                                                                                                                                                                                                                          Entropy (8bit):0.0
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:L:L
                                                                                                                                                                                                                                                                                                          MD5:5058F1AF8388633F609CADB75A75DC9D
                                                                                                                                                                                                                                                                                                          SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                                                                                                                                                                                                                                                                          SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                                                                                                                                                                                                                                                                          SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:.

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_ARC4.pyd

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):11264
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.640339306680604
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:192:dLklddyTHThob0q/tJRrlDfNYSOcqgYCWt:ZgcdZq/JJD6gRWt
                                                                                                                                                                                                                                                                                                          MD5:BCD8CAAF9342AB891BB1D8DD45EF0098
                                                                                                                                                                                                                                                                                                          SHA1:EE7760BA0FF2548F25D764F000EFBB1332BE6D3E
                                                                                                                                                                                                                                                                                                          SHA-256:78725D2F55B7400A3FCAFECD35AF7AEB253FBC0FFCDF1903016EB0AABD1B4E50
                                                                                                                                                                                                                                                                                                          SHA-512:8B6FB53AECB514769985EBFDAB1B3C739024597D9C35905E04971D5422256546F7F169BF98F9BAF7D9F42A61CFF3EE7A20664989D3000773BF5EDA10CB3A0C24
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                          Joe Sandbox View:
                                                                                                                                                                                                                                                                                                          • Filename: file.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                          • Filename: file.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                          • Filename: Payload.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                          • Filename: Payload.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                          • Filename: Creal.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                          • Filename: #U0416#U0430#U0440#U043a#U043e#U0432#U0430 .exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                          • Filename: , Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                          • Filename: RobCheat.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                          • Filename: SecuriteInfo.com.Python.Stealer.1251.9496.6786.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                          • Filename: SecuriteInfo.com.Python.Stealer.1251.9496.6786.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......r^J.6?$.6?$.6?$.?G..2?$.dJ%.4?$.}G%.5?$.6?%..?$.dJ!.<?$.dJ .>?$.dJ'.5?$..J,.7?$..J$.7?$..J..7?$..J&.7?$.Rich6?$.........................PE..d...Y..f.........." ................P........................................p............`..........................................'......0(..d....P.......@...............`..(....!...............................!..8............ ...............................text............................... ..`.rdata..Z.... ......................@..@.data...H....0......."..............@....pdata.......@.......$..............@..@.rsrc........P.......(..............@..@.reloc..(....`.......*..............@..B........................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_Salsa20.pyd

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):13824
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.0194545642425075
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:192:4t/1nCuqaL0kt7AznuRmceS4lDFhAlcqgcLg:F/k1ACln4lDogcLg
                                                                                                                                                                                                                                                                                                          MD5:F19CB847E567A31FAB97435536C7B783
                                                                                                                                                                                                                                                                                                          SHA1:4C8BFE404AF28C1781740E7767619A5E2D2FF2B7
                                                                                                                                                                                                                                                                                                          SHA-256:1ECE1DC94471D6977DBE2CEEBA3764ADF0625E2203D6257F7C781C619D2A3DAD
                                                                                                                                                                                                                                                                                                          SHA-512:382DC205F703FC3E1F072F17F58E321E1A65B86BE7D9D6B07F24A02A156308A7FEC9B1A621BA1F3428FD6BB413D14AE9ECB2A2C8DD62A7659776CFFDEBB6374C
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                          Joe Sandbox View:
                                                                                                                                                                                                                                                                                                          • Filename: file.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                          • Filename: file.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                          • Filename: Payload.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                          • Filename: Payload.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                          • Filename: Creal.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                          • Filename: #U0416#U0430#U0440#U043a#U043e#U0432#U0430 .exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                          • Filename: , Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                          • Filename: RobCheat.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                          • Filename: SecuriteInfo.com.Trojan.PWS.Stealer.39881.9434.15338.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                          • Filename: SecuriteInfo.com.Python.Stealer.1251.9496.6786.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.:...:...:...3.j.>...h...8...q...9...:.......h...1...h...2...h...9.......;.......;.......;.......;...Rich:...........................PE..d...Z..f.........." ................P.....................................................`..........................................8......H9..d....`.......P..L............p..(....1...............................1..8............0...............................text...h........................... ..`.rdata..r....0......................@..@.data...H....@.......,..............@....pdata..L....P......................@..@.rsrc........`.......2..............@..@.reloc..(....p.......4..............@..B........................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_chacha20.pyd

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):13312
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.037456384995606
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:192:st/1nCuqaL0ktPMn1ENe3erKr5br0YbsiDw6a9lkOcqgRGd:p/kpMIodrXbsiDS95gRGd
                                                                                                                                                                                                                                                                                                          MD5:DC14677EA8A8C933CC41F9CCF2BEDDC1
                                                                                                                                                                                                                                                                                                          SHA1:A6FB87E8F3540743097A467ABE0723247FDAF469
                                                                                                                                                                                                                                                                                                          SHA-256:68F081E96AE08617CF111B21EDED35C1774A5EF1223DF9A161C9445A78F25C73
                                                                                                                                                                                                                                                                                                          SHA-512:3ABA4CFCBBE4B350AB3230D488BD75186427E3AAAF38D19E0E1C7330F16795AD77FB6E26FF39AF29EAF4F5E8C42118CB680F90AFBFCA218AEDA64DC444675BA2
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.:...:...:...3.j.>...h...8...q...9...:.......h...1...h...2...h...9.......;.......;.......;.......;...Rich:...........................PE..d...Z..f.........." ................P.....................................................`......................................... 8.......8..d....`.......P..d............p..(....1...............................1..8............0...............................text............................... ..`.rdata.......0......................@..@.data...H....@.......*..............@....pdata..d....P.......,..............@..@.rsrc........`.......0..............@..@.reloc..(....p.......2..............@..B........................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_pkcs1_decode.pyd

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):14336
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.09191874780435
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:192:rMVsiXeqVb0lIb0Pj5Jdfpm68WZDInU282tacqgYLg:rM7ali0Pj5JxCaDuUlgYLg
                                                                                                                                                                                                                                                                                                          MD5:C09BB8A30F0F733C81C5C5A3DAD8D76D
                                                                                                                                                                                                                                                                                                          SHA1:46FD3BA87A32D12F4EE14601D1AD73B78EDC81D1
                                                                                                                                                                                                                                                                                                          SHA-256:8A1B751DB47CE7B1D3BD10BEBFFC7442BE4CFB398E96E3B1FF7FB83C88A8953D
                                                                                                                                                                                                                                                                                                          SHA-512:691AC74FAE930E9CEABE782567EFB99C50DD9B8AD607DD7F99A5C7DF2FA2BEB7EDFE2EBB7095A72DA0AE24E688FBABD340EAE8B646D5B8C394FEE8DDD5E60D31
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......r^:.6?T.6?T.6?T.?G..2?T.dJU.4?T.}GU.5?T.6?U..?T.dJQ.<?T.dJP.>?T.dJW.5?T..J\.7?T..JT.7?T..J..7?T..JV.7?T.Rich6?T.........................PE..d...X..f.........." ................P.....................................................`.........................................`8.......8..d....`.......P..(............p..(....1...............................1..8............0...............................text............................... ..`.rdata..6....0....... ..............@..@.data...x....@......................@....pdata..(....P.......0..............@..@.rsrc........`.......4..............@..@.reloc..(....p.......6..............@..B........................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_raw_aes.pyd

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):36352
                                                                                                                                                                                                                                                                                                          Entropy (8bit):6.541423493519083
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:384:f/UlZA5PUEllvxL/7v/iKBt5ByU0xGitqzSEkxGG7+tpKHb/LZ7fr52EkifcMxme:klcR7JriEbwDaS4j990th9VDBV
                                                                                                                                                                                                                                                                                                          MD5:0AB25F99CDAACA6B11F2ECBE8223CAD5
                                                                                                                                                                                                                                                                                                          SHA1:7A881B3F84EF39D97A31283DE6D7B7AE85C8BAE6
                                                                                                                                                                                                                                                                                                          SHA-256:6CE8A60D1AB5ADC186E23E3DE864D7ADF6BDD37E3B0C591FA910763C5C26AF60
                                                                                                                                                                                                                                                                                                          SHA-512:11E89EEF34398DF3B144A0303E08B3A4CAF41A9A8CA618C18135F561731F285F8CF821D81179C2C45F6EEB0E496D9DD3ECF6FF202A3C453C80AFEF8582D06C17
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......r^J.6?$.6?$.6?$.?G..2?$.dJ%.4?$.}G%.5?$.6?%..?$.dJ!.<?$.dJ .>?$.dJ'.5?$..J,.7?$..J$.7?$..J..7?$..J&.7?$.Rich6?$.........................PE..d...V..f.........." .....H...H......P.....................................................`.........................................p...........d...............................0......................................8............`...............................text...xG.......H.................. ..`.rdata.."6...`...8...L..............@..@.data...H...........................@....pdata..............................@..@.rsrc...............................@..@.reloc..0...........................@..B........................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_raw_aesni.pyd

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):15360
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.367749645917753
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:192:YiJBj5fq/Rk0kPLhOZ3UucCWuSKPEkA2bD9JXx03cqg5YUMLgs:/k1kTMZEjCWNaA2DTx0g5YUMLg
                                                                                                                                                                                                                                                                                                          MD5:B6EA675C3A35CD6400A7ECF2FB9530D1
                                                                                                                                                                                                                                                                                                          SHA1:0E41751AA48108D7924B0A70A86031DDE799D7D6
                                                                                                                                                                                                                                                                                                          SHA-256:76EF4C1759B5553550AB652B84F8E158BA8F34F29FD090393815F06A1C1DC59D
                                                                                                                                                                                                                                                                                                          SHA-512:E31FD33E1ED6D4DA3957320250282CFD9EB3A64F12DE4BD2DFE3410F66725164D96B27CAA34C501D1A535A5A2442D5F070650FD3014B4B92624EE00F1C3F3197
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.:...:...:...3.z.>...h...8...q...9...:.......h...1...h...2...h...9.......;.......;.......;.......;...Rich:...........................PE..d...V..f.........." ......... ......P.....................................................`..........................................9......$:..d....`.......P...............p..(....1...............................1..8............0.. ............................text............................... ..`.rdata.......0......."..............@..@.data...8....@.......2..............@....pdata.......P.......4..............@..@.rsrc........`.......8..............@..@.reloc..(....p.......:..............@..B........................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_raw_arc2.pyd

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):16384
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.41148259289073
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:192:w3d9FkHaz0EJvrj+CYuz7ucc9dG7otDr22KcqgOiewZjW:YkHEJzj+X6769lDzagO/w
                                                                                                                                                                                                                                                                                                          MD5:F14E1AA2590D621BE8C10321B2C43132
                                                                                                                                                                                                                                                                                                          SHA1:FD84D11619DFFDF82C563E45B48F82099D9E3130
                                                                                                                                                                                                                                                                                                          SHA-256:FCE70B3DAFB39C6A4DB85D2D662CB9EB9C4861AA648AD7436E7F65663345D177
                                                                                                                                                                                                                                                                                                          SHA-512:A86B9DF163007277D26F2F732ECAB9DBCA8E860F8B5809784F46702D4CEA198824FDEF6AB98BA7DDC281E8791C10EABA002ABDA6F975323B36D5967E0443C1E4
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.g.:...:...:...3...>...h...8...q...9...:.......h...1...h...2...h...9.......;.......;.......;.......;...Rich:...................PE..d...W..f.........." ....."... ......P.....................................................`.........................................pI.......J..d....p.......`..................(....B...............................B..8............@...............................text...( .......".................. ..`.rdata..<....@.......&..............@..@.data...H....P.......6..............@....pdata.......`.......8..............@..@.rsrc........p.......<..............@..@.reloc..(............>..............@..B................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_raw_blowfish.pyd

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):20992
                                                                                                                                                                                                                                                                                                          Entropy (8bit):6.041302713678401
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:384:kUX0JfbRz5MLZA0nmwzMDYpJgLa0Mp8NDBcxgprAM:6NbRzWXwDqgLa1uBfP
                                                                                                                                                                                                                                                                                                          MD5:B127CAE435AEB8A2A37D2A1BC1C27282
                                                                                                                                                                                                                                                                                                          SHA1:2A7BF8BF7F24B2381370BA6B41FB640EE42BDCCD
                                                                                                                                                                                                                                                                                                          SHA-256:538B1253B5929254ED92129FA0957DB26CDDF34A8372BA0BF19D20D01549ADA3
                                                                                                                                                                                                                                                                                                          SHA-512:4FE027E46D5132CA63973C67BD5394F2AC74DD4BBCFE93CB16136FAB4B6BF67BECB5A0D4CA359FF9426DA63CA81F793BBF1B79C8A9D8372C53DCB5796D17367E
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.g.:...:...:...3...>...h...8...q...9...:.......h...1...h...2...h...9.......;.......;.......;.......;...Rich:...................PE..d...W..f.........." .....$...0......P.....................................................`.........................................0Y.......Y..d............p..................0....Q...............................R..8............@...............................text....".......$.................. ..`.rdata.......@... ...(..............@..@.data...H....`.......H..............@....pdata.......p.......J..............@..@.rsrc................N..............@..@.reloc..0............P..............@..B................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_raw_cast.pyd

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):24576
                                                                                                                                                                                                                                                                                                          Entropy (8bit):6.530656045206549
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:384:cEDwUBi9SPu71omZXmrfXA+UA10ol31tuXVYdAgYj:FsUBXmoEXmrXA+NNxWFYfo
                                                                                                                                                                                                                                                                                                          MD5:2E15AA6F97ED618A3236CFA920988142
                                                                                                                                                                                                                                                                                                          SHA1:A9D556D54519D3E91FA19A936ED291A33C0D1141
                                                                                                                                                                                                                                                                                                          SHA-256:516C5EA47A7B9A166F2226ECBA79075F1A35EFFF14D87E00006B34496173BB78
                                                                                                                                                                                                                                                                                                          SHA-512:A6C75C4A285753CC94E45500E8DD6B6C7574FB7F610FF65667F1BEC8D8B413FC10514B7D62F196C2B8D017C308C5E19E2AEF918021FA81D0CB3D8CED37D8549A
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.:...:...:...3.j.>...h...8...q...9...:.......h...1...h...2...h...9.......;.......;.......;.......;...Rich:...........................PE..d...W..f.........." .....$...>............................................................`..........................................h.......i..d...............................0....a...............................a..8............@...............................text....#.......$.................. ..`.rdata..:-...@.......(..............@..@.data...H....p.......V..............@....pdata...............X..............@..@.rsrc................\..............@..@.reloc..0............^..............@..B........................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_raw_cbc.pyd

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):12288
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.7080156150187396
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:192:lF/1n7Guqaj0ktfEJwX1fYwCODR3lncqg0Gd6l:RGXkJEm1feODxDg0Gd6
                                                                                                                                                                                                                                                                                                          MD5:40390F2113DC2A9D6CFAE7127F6BA329
                                                                                                                                                                                                                                                                                                          SHA1:9C886C33A20B3F76B37AA9B10A6954F3C8981772
                                                                                                                                                                                                                                                                                                          SHA-256:6BA9C910F755885E4D356C798A4DD32D2803EA4CFABB3D56165B3017D0491AE2
                                                                                                                                                                                                                                                                                                          SHA-512:617B963816838D649C212C5021D7D0C58839A85D4D33BBAF72C0EC6ECD98B609080E9E57AF06FA558FF302660619BE57CC974282826AB9F21AE0D80FBAA831A1
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.g.:...:...:...3...>...h...8...q...9...:.......h...1...h...2...h...9.......;.......;.......;.......;...Rich:...................PE..d...X..f.........." ................P.....................................................`..........................................8.......8..d....`.......P..X............p..(....1...............................1..8............0...............................text............................... ..`.rdata.......0......................@..@.data...H....@.......&..............@....pdata..X....P.......(..............@..@.rsrc........`.......,..............@..@.reloc..(....p......................@..B................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_raw_cfb.pyd

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):12800
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.159963979391524
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:192:kblRgfeqfz0RP767fB4A84DgVD6eDcqgzbkLgmf:BwRj67p84Dg6eVgzbkLgmf
                                                                                                                                                                                                                                                                                                          MD5:899895C0ED6830C4C9A3328CC7DF95B6
                                                                                                                                                                                                                                                                                                          SHA1:C02F14EBDA8B631195068266BA20E03210ABEABC
                                                                                                                                                                                                                                                                                                          SHA-256:18D568C7BE3E04F4E6026D12B09B1FA3FAE50FF29AC3DEAF861F3C181653E691
                                                                                                                                                                                                                                                                                                          SHA-512:0B4C50E40AF92BC9589668E13DF417244274F46F5A66E1FC7D1D59BC281969BA319305BECEA119385F01CC4603439E4B37AFA2CF90645425210848A02839E3E7
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......r^..6?..6?..6?..?G..2?..dJ..4?..}G..5?..6?...?..dJ..<?..dJ..>?..dJ..5?...J..7?...J..7?...Jk.7?...J..7?..Rich6?..................PE..d...Y..f.........." ................P.....................................................`..........................................8......x9..d....`.......P..d............p..(....1...............................1..8............0...............................text............................... ..`.rdata.......0......................@..@.data...H....@.......(..............@....pdata..d....P.......*..............@..@.rsrc........`......................@..@.reloc..(....p.......0..............@..B................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_raw_ctr.pyd

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):14848
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.270418334522813
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:192:vktJ1gifqQGRk0IP73AdXdmEEEEEm9uhiFEQayDZVMcqgnF6+6Lg:vkdU1ID3AdXd49urQPDggnUjLg
                                                                                                                                                                                                                                                                                                          MD5:C4C525B081F8A0927091178F5F2EE103
                                                                                                                                                                                                                                                                                                          SHA1:A1F17B5EA430ADE174D02ECC0B3CB79DBF619900
                                                                                                                                                                                                                                                                                                          SHA-256:4D86A90B2E20CDE099D6122C49A72BAE081F60EB2EEA0F76E740BE6C41DA6749
                                                                                                                                                                                                                                                                                                          SHA-512:7C06E3E6261427BC6E654B2B53518C7EAA5F860A47AE8E80DC3F8F0FED91E122CB2D4632188DC44123FB759749B5425F426CD1153A8F84485EF0491002B26555
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......r^z.6?..6?..6?..?G..2?..dJ..4?..}G..5?..6?...?..dJ..<?..dJ..>?..dJ..5?...J..7?...J..7?...J..7?...J..7?..Rich6?..........................PE..d...Y..f.........." ......... ......P.....................................................`.........................................`9.......:..d....`.......P...............p..(....1...............................1..8............0.. ............................text............................... ..`.rdata.......0....... ..............@..@.data........@.......0..............@....pdata.......P.......2..............@..@.rsrc........`.......6..............@..@.reloc..(....p.......8..............@..B........................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_raw_des.pyd

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):56832
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.231032526864278
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:384:0qcmHBeNL1dO/qHkpnYcZiGKdZHDLY84vnKAnK2rZA21agVF:fEiqHHx4vZDV
                                                                                                                                                                                                                                                                                                          MD5:F9E266F763175B8F6FD4154275F8E2F0
                                                                                                                                                                                                                                                                                                          SHA1:8BE457700D58356BC2FA7390940611709A0E5473
                                                                                                                                                                                                                                                                                                          SHA-256:14D2799BE604CBDC668FDE8834A896EEE69DAE0E0D43B37289FCCBA35CEF29EC
                                                                                                                                                                                                                                                                                                          SHA-512:EB3E37A3C3FF8A65DEF6FA20941C8672A8197A41977E35AE2DC6551B5587B84C2703758320559F2C93C0531AD5C9D0F6C36EC5037669DC5CE78EB3367D89877B
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........PK..1%..1%..1%..I...1%.D$..1%.I$..1%..1$..1%.D ..1%.D!..1%.D&..1%..D-..1%..D%..1%..D...1%..D'..1%.Rich.1%.........................PE..d...X..f.........." .....6...................................................0............`.................................................\...d...............l............ ..0... ...............................@...8............P...............................text....5.......6.................. ..`.rdata.......P.......:..............@..@.data...H...........................@....pdata..l...........................@..@.rsrc...............................@..@.reloc..0.... ......................@..B........................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_raw_des3.pyd

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):57344
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.252429732285762
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:384:J4cmHBeIzNweVy/CHkRnYcZiGKdZHDLq80vnKAnKBrZGsURygUX:GEO6CHnX0vZb7
                                                                                                                                                                                                                                                                                                          MD5:DECF524B2D53FCD7D4FA726F00B3E5FC
                                                                                                                                                                                                                                                                                                          SHA1:E87C6ED4004F2772B888C5B5758AA75FE99D2F6F
                                                                                                                                                                                                                                                                                                          SHA-256:58F7053EE70467D3384C73F299C0DFD63EEF9744D61D1980D9D2518974CA92D4
                                                                                                                                                                                                                                                                                                          SHA-512:EAFF4FD80843743E61CE635FBADF4E5D9CF2C3E97F3C48350BD9E755F4423AC6867F9FE8746BD5C54E1402B18E8A55AEEF7ACA098C7CF4186DC4C1235EB35DF2
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........PK..1%..1%..1%..I...1%.D$..1%.I$..1%..1$..1%.D ..1%.D!..1%.D&..1%..D-..1%..D%..1%..D...1%..D'..1%.Rich.1%.........................PE..d...X..f.........." .....8...................................................0............`.....................................................d............................ ..0... ...............................@...8............P...............................text...X7.......8.................. ..`.rdata......P.......<..............@..@.data...H...........................@....pdata..............................@..@.rsrc...............................@..@.reloc..0.... ......................@..B........................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_raw_ecb.pyd

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):10240
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.690163963718492
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:192:Yddz2KTnThIz0qfteRY4zp+D3PLui8p1cqgHCWt:k2E9RqfCXp+D3juRpLgiWt
                                                                                                                                                                                                                                                                                                          MD5:80BB1E0E06ACAF03A0B1D4EF30D14BE7
                                                                                                                                                                                                                                                                                                          SHA1:B20CAC0D2F3CD803D98A2E8A25FBF65884B0B619
                                                                                                                                                                                                                                                                                                          SHA-256:5D1C2C60C4E571B88F27D4AE7D22494BED57D5EC91939E5716AFA3EA7F6871F6
                                                                                                                                                                                                                                                                                                          SHA-512:2A13AB6715B818AD62267AB51E55CD54714AEBF21EC9EA61C2AEFD56017DC84A6B360D024F8682A2E105582B9C5FE892ECEBD2BEF8A492279B19FFD84BC83FA5
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........@................../....../...../......+.......*......-......&....................,....Rich...........................PE..d...X..f.........." ................P........................................p............`.........................................0'.......'..P....P.......@...............`..(....!...............................!..8............ ...............................text............................... ..`.rdata....... ......................@..@.data...H....0....... ..............@....pdata.......@......."..............@..@.rsrc........P.......$..............@..@.reloc..(....`.......&..............@..B........................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_raw_eksblowfish.pyd

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):22016
                                                                                                                                                                                                                                                                                                          Entropy (8bit):6.1215844022564285
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:384:nUX0JfbRwUtPMbNv37t6K5jwbDEpJgLa0Mp8xCkgJrAm:jNbRw8EbxwKBwbD+gLa1nh
                                                                                                                                                                                                                                                                                                          MD5:3727271FE04ECB6D5E49E936095E95BC
                                                                                                                                                                                                                                                                                                          SHA1:46182698689A849A8C210A8BF571D5F574C6F5B1
                                                                                                                                                                                                                                                                                                          SHA-256:3AF5B35DCD5A3B6C7E88CEE53F355AAFFF40F2C21DABD4DE27DBB57D1A29B63B
                                                                                                                                                                                                                                                                                                          SHA-512:5BED1F4DF678FE90B8E3F1B7C4F68198463E579209B079CB4A40DCAC01CE26AA2417DBE029B196F6F2C6AFAD560E2D1AF9F089ABE37EAD121CA10EE69D9659ED
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.g.:...:...:...3...>...h...8...q...9...:.......h...1...h...2...h...9.......;.......;.......;.......;...Rich:...................PE..d...W..f.........." .....(...0......P.....................................................`.........................................0Y.......Y..d............p..................0....Q...............................R..8............@...............................text...H'.......(.................. ..`.rdata.......@... ...,..............@..@.data...H....`.......L..............@....pdata.......p.......N..............@..@.rsrc................R..............@..@.reloc..0............T..............@..B................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_raw_ocb.pyd

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):17920
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.293810509074883
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:384:4PHoDUntQjNB+/yw/pogeXOvXoTezczOo3p9iJgDQ3iNgnVbwhA:dUOhBcDRogeXOfoTezcio3pUJgDQ3i+
                                                                                                                                                                                                                                                                                                          MD5:78AEF441C9152A17DD4DC40C7CC9DF69
                                                                                                                                                                                                                                                                                                          SHA1:6BB6F8426AFA6522E647DFC82B1B64FAF3A9781F
                                                                                                                                                                                                                                                                                                          SHA-256:56E4E4B156295F1AAA22ECB5481841DE2A9EB84845A16E12A7C18C7C3B05B707
                                                                                                                                                                                                                                                                                                          SHA-512:27B27E77BE81B29D42359FE28531225383860BCD19A79044090C4EA58D9F98009A254BF63585979C60B3134D47B8233941ABB354A291F23C8641A4961FA33107
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.G.:.).:.).:.).3...>.).h.(.8.).q.(.9.).:.(...).h.,.1.).h.-.2.).h.*.9.)...!.;.)...).;.).....;.)...+.;.).Rich:.).........................PE..d...Y..f.........." .....(... ......P.....................................................`.........................................pI......lJ..d....p.......`..................(....A...............................A..8............@...............................text....'.......(.................. ..`.rdata.......@.......,..............@..@.data........P.......<..............@....pdata.......`.......>..............@..@.rsrc........p.......B..............@..@.reloc..(............D..............@..B........................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Cipher\_raw_ofb.pyd

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):11776
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.862619033406922
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:96:0Ga+F/1NtJ9t4udqaj01rlALnNNJSS2sP+YEdMN+F9FdKaWDULk+VOmWbucX6gR7:PF/1n7Guqaj0ktfEON+bMDUlJcqg0Gd
                                                                                                                                                                                                                                                                                                          MD5:19E0ABF76B274C12FF624A16713F4999
                                                                                                                                                                                                                                                                                                          SHA1:A4B370F556B925F7126BF87F70263D1705C3A0DB
                                                                                                                                                                                                                                                                                                          SHA-256:D9FDA05AE16C5387AB46DC728C6EDCE6A3D0A9E1ABDD7ACB8B32FC2A17BE6F13
                                                                                                                                                                                                                                                                                                          SHA-512:D03033EA5CF37641FBD802EBEB5019CAEF33C9A78E01519FEA88F87E773DCA92C80B74BA80429B530694DAD0BFA3F043A7104234C7C961E18D48019D90277C8E
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.g.:...:...:...3...>...h...8...q...9...:.......h...1...h...2...h...9.......;.......;.......;.......;...Rich:...................PE..d...Y..f.........." ................P.....................................................`..........................................8.......8..d....`.......P..X............p..(....1...............................1..8............0...............................text............................... ..`.rdata.......0......................@..@.data...H....@.......$..............@....pdata..X....P.......&..............@..@.rsrc........`.......*..............@..@.reloc..(....p.......,..............@..B................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Hash\_BLAKE2b.pyd

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):14336
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.227045547076371
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:192:saF/1n7Guqaj0ktrE8o2o+V2rQnjt1wmg9jtveDn4clG6VcqgOvgdd:swGXkFE8Zo+AojO9jZeDf5rgOvgz
                                                                                                                                                                                                                                                                                                          MD5:309D6F6B0DD022EBD9214F445CAC7BB9
                                                                                                                                                                                                                                                                                                          SHA1:ABD22690B7AD77782CFC0D2393D0C038E16070B0
                                                                                                                                                                                                                                                                                                          SHA-256:4FBE188C20FB578D4B66349D50AA6FFE4AB86844FB6427C57738F36780D1E2E2
                                                                                                                                                                                                                                                                                                          SHA-512:D1951FE92F83E7774E8E877815BED6E6216D56EF18B7F1C369D678CB6E1814243659E9FA7ABC0D22FB5B34A9D50A51D5A89BA00AE1FDD32157FD0FF9902FB4B7
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.g.:...:...:...3...>...h...8...q...9...:.......h...1...h...2...h...9.......;.......;.......;.......;...Rich:...................PE..d...U..f.........." ................P.....................................................`..........................................8.......9..d....`.......P..@............p..(....2...............................2..8............0...............................text...x........................... ..`.rdata.......0....... ..............@..@.data...H....@......................@....pdata..@....P.......0..............@..@.rsrc........`.......4..............@..@.reloc..(....p.......6..............@..B................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Hash\_BLAKE2s.pyd

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):13824
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.176369829782773
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:192:rF/1n7Guqaj0ktrESsrUW+SBjsK5tcQmEreD2mf1AoxkVcqgOvgXQ:rGXkFE/UW575tA2eDp1Ao2rgOvgX
                                                                                                                                                                                                                                                                                                          MD5:D54FEB9A270B212B0CCB1937C660678A
                                                                                                                                                                                                                                                                                                          SHA1:224259E5B684C7AC8D79464E51503D302390C5C9
                                                                                                                                                                                                                                                                                                          SHA-256:032B83F1003A796465255D9B246050A196488BAC1260F628913E536314AFDED4
                                                                                                                                                                                                                                                                                                          SHA-512:29955A6569CA6D039B35BB40C56AEEB75FC765600525D0B469F72C97945970A428951BAB4AF9CD21B3161D5BBA932F853778E2674CA83B14F7ABA009FA53566F
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.g.:...:...:...3...>...h...8...q...9...:.......h...1...h...2...h...9.......;.......;.......;.......;...Rich:...................PE..d...U..f.........." ................P.....................................................`..........................................8.......9..d....`.......P..@............p..(....2...............................2..8............0...............................text...h........................... ..`.rdata.......0......................@..@.data...H....@.......,..............@....pdata..@....P......................@..@.rsrc........`.......2..............@..@.reloc..(....p.......4..............@..B................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Hash\_MD2.pyd

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):14336
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.047563322651927
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:384:6alCvH32p3/2pnEhKnLg9yH8puzoFaPERIQAvHD9CIg5kP:5CvHmp3OpnEhmLg9yH8puzoFaPERIQgI
                                                                                                                                                                                                                                                                                                          MD5:52DCD4151A9177CF685BE4DF48EA9606
                                                                                                                                                                                                                                                                                                          SHA1:F444A4A5CBAE9422B408420115F0D3FF973C9705
                                                                                                                                                                                                                                                                                                          SHA-256:D54375DC0652358A6E4E744F1A0EAEEAD87ACCD391A20D6FF324FE14E988A122
                                                                                                                                                                                                                                                                                                          SHA-512:64C54B89F2637759309ECC6655831C3A6755924ED70CBC51614061542EB9BA9A8AECF6951EB3AB92447247DC4D7D846C88F4957DBBE4484A9AB934343EE27178
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.G.:.).:.).:.).3...>.).h.(.8.).q.(.9.).:.(...).h.,.1.).h.-.2.).h.*.9.)...!.;.)...).;.).....;.)...+.;.).Rich:.).........................PE..d...Q..f.........." ......... ......P.....................................................`.........................................@9.......9..d....`.......P..(............p..(....2...............................2..8............0...............................text...X........................... ..`.rdata..@....0......................@..@.data...x....@......................@....pdata..(....P.......0..............@..@.rsrc........`.......4..............@..@.reloc..(....p.......6..............@..B........................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Hash\_MD4.pyd

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):13824
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.09893680790018
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:192:xsiXeqVb0lwbH4P01sAD7I/9hAkwDWzBEbcqgqLg:valqH4M1sAD7KvpwDFtgqLg
                                                                                                                                                                                                                                                                                                          MD5:F929B1A3997427191E07CF52AC883054
                                                                                                                                                                                                                                                                                                          SHA1:C5EA5B68586C2FB09E5FDD20D4DD616D06F5CBA6
                                                                                                                                                                                                                                                                                                          SHA-256:5386908173074FABD95BF269A9DF0A4E1B21C0576923186F449ABF4A820F6A8E
                                                                                                                                                                                                                                                                                                          SHA-512:2C79DBCE2C21214D979AB86DD989D41A3AFA7FCB7F3B79BA9974E2EE8F832DD7CA20C1C87C0C380DB037D776FE6D0851D60AD55A08AFDE0003B7E59214DD2F3B
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.G.:.).:.).:.).3...>.).h.(.8.).q.(.9.).:.(...).h.,.1.).h.-.2.).h.*.9.)...!.;.)...).;.).....;.)...+.;.).Rich:.).........................PE..d...R..f.........." ................P.....................................................`.........................................08.......8..d....`.......P..(............p..(....1...............................2..8............0...............................text............................... ..`.rdata..0....0......................@..@.data........@.......,..............@....pdata..(....P......................@..@.rsrc........`.......2..............@..@.reloc..(....p.......4..............@..B........................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Hash\_MD5.pyd

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):15360
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.451865349855574
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:384:KfwogDHER1wuiDSyoGTgDZOviNgEPrLg:ugDHELwuiDScTgDwi+EP
                                                                                                                                                                                                                                                                                                          MD5:1FA5E257A85D16E916E9C22984412871
                                                                                                                                                                                                                                                                                                          SHA1:1AC8EE98AD0A715A1B40AD25D2E8007CDC19871F
                                                                                                                                                                                                                                                                                                          SHA-256:D87A9B7CAD4C451D916B399B19298DC46AAACC085833C0793092641C00334B8E
                                                                                                                                                                                                                                                                                                          SHA-512:E4205355B647C6E28B7E4722328F51DC2EB3A109E9D9B90F7C53D7A80A5A4B10E40ABDDAB1BA151E73EF3EB56941F843535663F42DCE264830E6E17BB659EADF
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.G.:.).:.).:.).3...>.).h.(.8.).q.(.9.).:.(...).h.,.1.).h.-.2.).h.*.9.)...!.;.)...).;.).....;.)...+.;.).Rich:.).........................PE..d...R..f.........." ..... ..........P.....................................................`..........................................8......`9..d....`.......P..X............p..(....1...............................1..8............0...............................text............ .................. ..`.rdata.......0.......$..............@..@.data........@.......2..............@....pdata..X....P.......4..............@..@.rsrc........`.......8..............@..@.reloc..(....p.......:..............@..B........................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Hash\_RIPEMD160.pyd

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):13824
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.104245335186531
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:192:3F/1n7Guqaj0kt7/Ev9kt0Qwac6QzD8iD0QocqgI4G0S:nGXkd/EvGt9wacNDvAgI4v
                                                                                                                                                                                                                                                                                                          MD5:FAD578A026F280C1AE6F787B1FA30129
                                                                                                                                                                                                                                                                                                          SHA1:9A3E93818A104314E172A304C3D117B6A66BEB55
                                                                                                                                                                                                                                                                                                          SHA-256:74A1FF0801F4704158684267CD8E123F83FB6334FE522C1890AC4A0926F80AB1
                                                                                                                                                                                                                                                                                                          SHA-512:ACF8F5B382F3B4C07386505BBDCAF625D13BCC10AA93ED641833E3548261B0AD1063E2F59BE2FCD2AFAF3D315CB3FC5EB629CEFC168B33CFD65A3A6F1120F7FF
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.g.:...:...:...3...>...h...8...q...9...:.......h...1...h...2...h...9.......;.......;.......;.......;...Rich:...................PE..d...U..f.........." ......... ......P.....................................................`..........................................9.......:..d....`.......P...............p..(...@3..............................`3..8............0...............................text...H........................... ..`.rdata.......0......................@..@.data...H....@.......,..............@....pdata.......P......................@..@.rsrc........`.......2..............@..@.reloc..(....p.......4..............@..B................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Hash\_SHA1.pyd

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):17920
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.671305741258107
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:384:APHoDUntQj0sKhDOJ+0QPSfu6rofDjiZzgE+kbwb:VUOYsKNO466DjoUE+
                                                                                                                                                                                                                                                                                                          MD5:556E6D0E5F8E4DA74C2780481105D543
                                                                                                                                                                                                                                                                                                          SHA1:7A49CDEF738E9FE9CD6CD62B0F74EAD1A1774A33
                                                                                                                                                                                                                                                                                                          SHA-256:247B0885CF83375211861F37B6DD1376AED5131D621EE0137A60FE7910E40F8B
                                                                                                                                                                                                                                                                                                          SHA-512:28FA0CE6BDBCC5E95B80AADC284C12658EF0C2BE63421AF5627776A55050EE0EA0345E30A15B744FC2B2F5B1B1BBB61E4881F27F6E3E863EBAAEED1073F4CDA1
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.G.:.).:.).:.).3...>.).h.(.8.).q.(.9.).:.(...).h.,.1.).h.-.2.).h.*.9.)...!.;.)...).;.).....;.)...+.;.).Rich:.).........................PE..d...R..f.........." .....*..........P.....................................................`..........................................H......hI..d....p.......`..X...............(....A...............................A..8............@...............................text....).......*.................. ..`.rdata.......@......................@..@.data........P.......<..............@....pdata..X....`.......>..............@..@.rsrc........p.......B..............@..@.reloc..(............D..............@..B........................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Hash\_SHA224.pyd

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):21504
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.878701941774916
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:384:EJWo4IRCGHX1KXqHGcvYHp5RYcARQOj4MSTjqgPmJD1OhgkxEv:EcIRnHX1P/YtswvaD1Rk
                                                                                                                                                                                                                                                                                                          MD5:2F2655A7BBFE08D43013EDDA27E77904
                                                                                                                                                                                                                                                                                                          SHA1:33D51B6C423E094BE3E34E5621E175329A0C0914
                                                                                                                                                                                                                                                                                                          SHA-256:C734ABBD95EC120CB315C43021C0E1EB1BF2295AF9F1C24587334C3FCE4A5BE1
                                                                                                                                                                                                                                                                                                          SHA-512:8AF99ACC969B0E560022F75A0CDCAA85D0BDEADADEACD59DD0C4500F94A5843EA0D4107789C1A613181B1F4E5252134A485EF6B1D9D83CDB5676C5FEE4D49B90
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.G.:.).:.).:.).3...>.).h.(.8.).q.(.9.).:.(...).h.,.1.).h.-.2.).h.*.9.)...!.;.)...).;.).....;.)...+.;.).Rich:.).........................PE..d...S..f.........." .....6... ......P.....................................................`.........................................@Z......([..d............p..................(....R...............................R..8............P...............................text....5.......6.................. ..`.rdata..x....P.......:..............@..@.data........`.......J..............@....pdata.......p.......L..............@..@.rsrc................P..............@..@.reloc..(............R..............@..B........................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Hash\_SHA256.pyd

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):21504
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.881781476285865
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:384:EJWo4IRCGHXfKXqHGcvYHp5RYcARQOj4MSTjqgPmJD12gkxEv:EcIRnHXfP/YtswvaD1zk
                                                                                                                                                                                                                                                                                                          MD5:CDE035B8AB3D046B1CE37EEE7EE91FA0
                                                                                                                                                                                                                                                                                                          SHA1:4298B62ED67C8D4F731D1B33E68D7DC9A58487FF
                                                                                                                                                                                                                                                                                                          SHA-256:16BEA322D994A553B293A724B57293D57DA62BC7EAF41F287956B306C13FD972
                                                                                                                                                                                                                                                                                                          SHA-512:C44FDEE5A210459CE4557351E56B2D357FD4937F8EC8EACEAB842FEE29761F66C2262FCBAAC837F39C859C67FA0E23D13E0F60B3AE59BE29EB9D8ABAB0A572BB
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.G.:.).:.).:.).3...>.).h.(.8.).q.(.9.).:.(...).h.,.1.).h.-.2.).h.*.9.)...!.;.)...).;.).....;.)...+.;.).Rich:.).........................PE..d...S..f.........." .....6... ......P.....................................................`.........................................@Z......([..d............p..................(....R...............................R..8............P...............................text....5.......6.................. ..`.rdata..x....P.......:..............@..@.data........`.......J..............@....pdata.......p.......L..............@..@.rsrc................P..............@..@.reloc..(............R..............@..B........................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Hash\_SHA384.pyd

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):26624
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.837887867708438
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:768:e839Cc4itui0gel9soFdkO66MlPGXmXcyYDTzks:Ns4u/FZ6nPxMLDvk
                                                                                                                                                                                                                                                                                                          MD5:999D431197D7E06A30E0810F1F910B9A
                                                                                                                                                                                                                                                                                                          SHA1:9BFF781221BCFFD8E55485A08627EC2A37363C96
                                                                                                                                                                                                                                                                                                          SHA-256:AB242B9C9FB662C6F7CB57F7648F33983D6FA3BB0683C5D4329EC2CC51E8C875
                                                                                                                                                                                                                                                                                                          SHA-512:A5DD92DD471ADB44EEFE5919EF9CA3978724E21174DF5B3A9C1F0AB462F928E5A46A460D02417DB7522F5DE3BFEED5EEE6B1EAFAF3E621722E85E72675F7096F
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.G.:.).:.).:.).3...>.).h.(.8.).q.(.9.).:.(...).h.,.1.).h.-.2.).h.*.9.)...!.;.)...).;.).....;.)...+.;.).Rich:.).........................PE..d...T..f.........." .....H..."......P.....................................................`..........................................k.......l..d...............................(...pd...............................d..8............`...............................text....F.......H.................. ..`.rdata.......`.......L..............@..@.data................^..............@....pdata...............`..............@..@.rsrc................d..............@..@.reloc..(............f..............@..B........................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Hash\_SHA512.pyd

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):26624
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.895310340516013
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:768:lcX9Nf4ttui0gel9soFdkO66MlPGXmXc/vDTOvk:a38u/FZ6nPxM3DAk
                                                                                                                                                                                                                                                                                                          MD5:0931ABBF3AED459B1A2138B551B1D3BB
                                                                                                                                                                                                                                                                                                          SHA1:9EC0296DDAF574A89766A2EC035FC30073863AB0
                                                                                                                                                                                                                                                                                                          SHA-256:1729A0DC6B80CB7A3C07372B98B10D3C6C613EA645240878E1FDE6A992FA06F1
                                                                                                                                                                                                                                                                                                          SHA-512:9F970BB4D10B94F525DDDDE307C7DA5E672BBFB3A3866A34B89B56ADA99476724FD690A4396857182749294F67F36DB471A048789FB715D2A7DAF46917FC1947
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.G.:.).:.).:.).3...>.).h.(.8.).q.(.9.).:.(...).h.,.1.).h.-.2.).h.*.9.)...!.;.)...).;.).....;.)...+.;.).Rich:.).........................PE..d...T..f.........." .....H..."......P.....................................................`.........................................@l......(m..d...............................(....d...............................e..8............`...............................text...hG.......H.................. ..`.rdata..x....`.......L..............@..@.data................^..............@....pdata...............`..............@..@.rsrc................d..............@..@.reloc..(............f..............@..B........................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Hash\_ghash_clmul.pyd

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):12800
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.967737129255606
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:192:dMpWt/1nCuqaL0kt7TsEx2fiTgDZqGF0T7cqgkLgJ:k/k1Ts64DDJyBgkLg
                                                                                                                                                                                                                                                                                                          MD5:5F057A380BACBA4EF59C0611549C0E02
                                                                                                                                                                                                                                                                                                          SHA1:4B758D18372D71F0AA38075F073722A55B897F71
                                                                                                                                                                                                                                                                                                          SHA-256:BCB14DAC6C87C24269D3E60C46B49EFFB1360F714C353318F5BBAA48C79EC290
                                                                                                                                                                                                                                                                                                          SHA-512:E1C99E224745B86EE55822C1DBCB4555A11EC31B72D87B46514917EB61E0258A1C6D38C4F592969C17EB4F0F74DA04BCECA31CF1622720E95F0F20E9631792E8
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......r^J.6?$.6?$.6?$.?G..2?$.dJ%.4?$.}G%.5?$.6?%..?$.dJ!.<?$.dJ .>?$.dJ'.5?$..J,.7?$..J$.7?$..J..7?$..J&.7?$.Rich6?$.........................PE..d...V..f.........." ................P.....................................................`.........................................P8.......8..d....`.......P...............p..(....1...............................1..8............0...............................text............................... ..`.rdata..2....0......................@..@.data...H....@.......(..............@....pdata.......P.......*..............@..@.rsrc........`......................@..@.reloc..(....p.......0..............@..B........................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Hash\_ghash_portable.pyd

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):13312
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.007867576025166
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:192:bMt/1nCuqaL0ktPH0T7fwtF4zDn2rGacqgRGd:1/kpU3Yv4zDXqgRGd
                                                                                                                                                                                                                                                                                                          MD5:49BCA1B7DF076D1A550EE1B7ED3BD997
                                                                                                                                                                                                                                                                                                          SHA1:47609C7102F5B1BCA16C6BAD4AE22CE0B8AEE9E9
                                                                                                                                                                                                                                                                                                          SHA-256:49E15461DCB76690139E71E9359F7FCF92269DCCA78E3BFE9ACB90C6271080B2
                                                                                                                                                                                                                                                                                                          SHA-512:8574D7FA133B72A4A8D1D7D9FDB61053BC88C2D238B7AC7D519BE19972B658C44EA1DE433885E3206927C75DD5D1028F74999E048AB73189585B87630F865466
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.:...:...:...3.j.>...h...8...q...9...:.......h...1...h...2...h...9.......;.......;.......;.......;...Rich:...........................PE..d...V..f.........." ................P.....................................................`..........................................8.......8..d....`.......P..X............p..(....1...............................1..8............0...............................text............................... ..`.rdata.......0......................@..@.data...H....@.......*..............@....pdata..X....P.......,..............@..@.rsrc........`.......0..............@..@.reloc..(....p.......2..............@..B........................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Hash\_keccak.pyd

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):15872
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.226023387740053
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:384:rfRKTN+HLjRskTdf4WazSTkwjEvuY2bylHDiYIgovg:mcHfRl5pauoSjy5DiE
                                                                                                                                                                                                                                                                                                          MD5:CB5CFDD4241060E99118DEEC6C931CCC
                                                                                                                                                                                                                                                                                                          SHA1:1E7FED96CF26C9F4730A4621CA9D18CECE3E0BCE
                                                                                                                                                                                                                                                                                                          SHA-256:A8F809B6A417AF99B75EEEEA3ECD16BDA153CBDA4FFAB6E35CE1E8C884D899C4
                                                                                                                                                                                                                                                                                                          SHA-512:8A89E3563C14B81353D251F9F019D8CBF07CB98F78452B8522413C7478A0D77B9ABF2134E4438145D6363CDA39721D2BAE8AD13D1CDACCBB5026619D95F931CF
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.G.:.).:.).:.).3...>.).h.(.8.).q.(.9.).:.(...).h.,.1.).h.-.2.).h.*.9.)...!.;.)...).;.).....;.)...+.;.).Rich:.).........................PE..d...U..f.........." ..... ... ......P.....................................................`..........................................9.......9..d....`.......P..X............p..(...p2...............................2..8............0...............................text............ .................. ..`.rdata..@....0.......$..............@..@.data........@.......4..............@....pdata..X....P.......6..............@..@.rsrc........`.......:..............@..@.reloc..(....p.......<..............@..B........................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Hash\_poly1305.pyd

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):14848
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.262055670423592
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:192:C/ZN2eq/b04PAHH41F6fnVS0sVn+5CA5Z1cD66WGcqgFjLg:vI4IHHaQfSVnCZyDImgFjLg
                                                                                                                                                                                                                                                                                                          MD5:18D2D96980802189B23893820714DA90
                                                                                                                                                                                                                                                                                                          SHA1:5DEE494D25EB79038CBC2803163E2EF69E68274C
                                                                                                                                                                                                                                                                                                          SHA-256:C2FD98C677436260ACB9147766258CB99780A007114AED37C87893DF1CF1A717
                                                                                                                                                                                                                                                                                                          SHA-512:0317B65D8F292332C5457A6B15A77548BE5B2705F34BB8F4415046E3E778580ABD17B233E6CC2755C991247E0E65B27B5634465646715657B246483817CACEB7
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.G.:.).:.).:.).3...>.).h.(.8.).q.(.9.).:.(...).h.,.1.).h.-.2.).h.*.9.)...!.;.)...).;.).....;.)...+.;.).Rich:.).........................PE..d...V..f.........." ................P.....................................................`..........................................8.......9..d....`.......P..|............p..(....1...............................1..8............0...............................text............................... ..`.rdata.......0......."..............@..@.data........@.......0..............@....pdata..|....P.......2..............@..@.rsrc........`.......6..............@..@.reloc..(....p.......8..............@..B........................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Math\_modexp.pyd

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):36352
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.913843738203007
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:384:dspbXtHQY4ubrttQza9CHnZXQsnecAlOF0qZLAXxQI3Sya6XPpMg3Yx8MnDcCPSq:7Y44UagH6cAFCLUSYpMg3YDzPo5kG9G
                                                                                                                                                                                                                                                                                                          MD5:EF472BA63FD22922CA704B1E7B95A29E
                                                                                                                                                                                                                                                                                                          SHA1:700B68E7EF95514D5E94D3C6B10884E1E187ACD8
                                                                                                                                                                                                                                                                                                          SHA-256:66EEF4E6E0CEEEF2C23A758BFBEDAE7C16282FC93D0A56ACAFC40E871AC3F01C
                                                                                                                                                                                                                                                                                                          SHA-512:DC2060531C4153C43ABF30843BCB5F8FA082345CA1BB57F9AC8695EDDB28FF9FDA8132B6B6C67260F779D95FCADCAE2811091BCA300AB1E041FAE6CC7B50ABD8
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......:..P~...~...~...w.3.x...,...|...5...}...~...U...,...u...,...v...,...}.......|............._.............Rich~...................PE..d...^..f.........." .....`...0......`.....................................................`..........................................~..|...L...d...............<...............(....q...............................q..8............p..(............................text...X^.......`.................. ..`.rdata.......p.......d..............@..@.data................x..............@....pdata..<...........................@..@.rsrc...............................@..@.reloc..(...........................@..B................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Protocol\_scrypt.pyd

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):12288
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.735350805948923
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:192:rhsC3eqv6b0q3OQ3rHu5bc64OhD2I/p3cqgONLg:r/Hq3jHuY64OhDJJgONLg
                                                                                                                                                                                                                                                                                                          MD5:3B1CE70B0193B02C437678F13A335932
                                                                                                                                                                                                                                                                                                          SHA1:063BFD5A32441ED883409AAD17285CE405977D1F
                                                                                                                                                                                                                                                                                                          SHA-256:EB2950B6A2185E87C5318B55132DFE5774A5A579259AB50A7935A7FB143EA7B1
                                                                                                                                                                                                                                                                                                          SHA-512:0E02187F17DFCFD323F2F0E62FBFE35F326DCF9F119FC8B15066AFAEEE4EB7078184BC85D571B555E9E67A2DD909EC12D8A67E3D075E9B1283813EF274E05C0D
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......r^:.6?T.6?T.6?T.?G..2?T.dJU.4?T.}GU.5?T.6?U..?T.dJQ.<?T.dJP.>?T.dJW.5?T..J\.7?T..JT.7?T..J..7?T..JV.7?T.Rich6?T.........................PE..d...Z..f.........." ................P.....................................................`..........................................8..d....8..d....`.......P..4............p..(....1...............................1..8............0...............................text...H........................... ..`.rdata..0....0......................@..@.data........@.......&..............@....pdata..4....P.......(..............@..@.rsrc........`.......,..............@..@.reloc..(....p......................@..B........................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\PublicKey\_curve25519.pyd

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):22528
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.705606408072877
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:384:19BcRxBmau38CYIl9bhgIW0mvufueNr359/tjGGDEFSegqrA:NcRy38J+9dmvufFtaGDV
                                                                                                                                                                                                                                                                                                          MD5:FF33C306434DEC51D39C7BF1663E25DA
                                                                                                                                                                                                                                                                                                          SHA1:665FCF47501F1481534597C1EAC2A52886EF0526
                                                                                                                                                                                                                                                                                                          SHA-256:D0E3B6A2D0E073B2D9F0FCDB051727007943A17A4CA966D75EBA37BECDBA6152
                                                                                                                                                                                                                                                                                                          SHA-512:66A909DC9C3B7BD4050AA507CD89B0B3A661C85D33C881522EC9568744953B698722C1CBFF093F9CBCD6119BD527FECAB05A67F2E32EC479BE47AFFA4377362C
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.g.:...:...:...3...>...h...8...q...9...:.......h...1...h...2...h...9.......;.......;.......;.......;...Rich:...................PE..d...\..f.........." .....6...$......P.....................................................`.........................................`Y......`Z..d............p..................(....R..............................0R..8............P...............................text...(5.......6.................. ..`.rdata.......P.......:..............@..@.data........`.......J..............@....pdata.......p.......P..............@..@.rsrc................T..............@..@.reloc..(............V..............@..B................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\PublicKey\_curve448.pyd

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):70656
                                                                                                                                                                                                                                                                                                          Entropy (8bit):6.0189903352673655
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:1536:Jfju4GgRMgWWnEDZiECgd/iwOXUQdbhov0Clb8Cx4hpK8ithLFIDullRPwDHxXOa:pXRMgWiEDZiECgd/iwOXUQdbhov0ClbU
                                                                                                                                                                                                                                                                                                          MD5:F267BF4256F4105DAD0D3E59023011ED
                                                                                                                                                                                                                                                                                                          SHA1:9BC6CA0F375CE49D5787C909D290C07302F58DA6
                                                                                                                                                                                                                                                                                                          SHA-256:1DDE8BE64164FF96B2BAB88291042EB39197D118422BEE56EB2846E7A2D2F010
                                                                                                                                                                                                                                                                                                          SHA-512:A335AF4DBF1658556ED5DC13EE741419446F7DAEC6BD2688B626A803FA5DD76463D6367C224E0B79B17193735E2C74BA417C26822DAEEF05AC3BAB1588E2DE83
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......:..P~...~...~...w.3.x...,...|...5...}...~...U...,...u...,...v...,...}.......|............._.............Rich~...................PE..d...\..f.........." .........8......`........................................P............`.............................................0.......d....0....... ..$............@..(.......................................8............................................text...8........................... ..`.rdata..............................@..@.data...............................@....pdata..$.... ......................@..@.rsrc........0......................@..@.reloc..(....@......................@..B................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\PublicKey\_ec_ws.pyd

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):770560
                                                                                                                                                                                                                                                                                                          Entropy (8bit):7.613224993327352
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:12288:XtIrHoxJ8gf1266y8IXhJvCKAmqVLzcrZgYIMGv1iLD9yQvG6h:XtIrHoxJFf1p34hcrn5Go9yQO6
                                                                                                                                                                                                                                                                                                          MD5:1EFD7F7CB1C277416011DE6F09C355AF
                                                                                                                                                                                                                                                                                                          SHA1:C0F97652AC2703C325AB9F20826A6F84C63532F2
                                                                                                                                                                                                                                                                                                          SHA-256:AB45FA80A68DB1635D41DC1A4AAD980E6716DAC8C1778CB5F30CDB013B7DF6E6
                                                                                                                                                                                                                                                                                                          SHA-512:2EC4B88A1957733043BBD63CEAA6F5643D446DB607B3267FAD1EC611E6B0AF697056598AAC2AE5D44AB2B9396811D183C32BCE5A0FF34E583193A417D1C5226B
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........s.. .. .. ... .. ..!.. ..!.. .. .. ..!.. ..!.. ..!.. \..!.. \..!.. \.r .. \..!.. Rich.. ................PE..d...[..f.........." ................`.....................................................`.............................................h.......d...............................0......................................8...............(............................text............................... ..`.rdata..............................@..@.data...............................@....pdata..............................@..@.rsrc...............................@..@.reloc..0...........................@..B................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\PublicKey\_ed25519.pyd

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):26112
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.8551858881598795
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:384:BczadRwoF2MZ81n0XTyMCYIl9bhgIW0mv8aeadRcwRwftjGLD2pRQNgQQ77k:2udRf2MuMJ+9dmv8aea34taLDcfQ
                                                                                                                                                                                                                                                                                                          MD5:C5FB377F736ED731B5578F57BB765F7A
                                                                                                                                                                                                                                                                                                          SHA1:5BA51E11F4DE1CAEDEBA0F7D4D10EC62EC109E01
                                                                                                                                                                                                                                                                                                          SHA-256:32073DF3D5C85ABCE7D370D6E341EF163A8350F6A9EDC775C39A23856CCFDD53
                                                                                                                                                                                                                                                                                                          SHA-512:D361BCDAF2C700D5A4AC956D96E00961432C05A1B692FC870DB53A90F233A6D24AA0C3BE99E40BD8E5B7C6C1B2BCDCDCFC545292EF321486FFC71C5EA7203E6A
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.G.:.).:.).:.).3...>.).h.(.8.).q.(.9.).:.(...).h.,.1.).h.-.2.).h.*.9.)...!.;.)...).;.).....;.)...+.;.).Rich:.).........................PE..d...]..f.........." .....B...&......P.....................................................`..........................................i..0....k..d...............................(... b..............................@b..8............`...............................text....A.......B.................. ..`.rdata..P....`.......F..............@..@.data........p.......V..............@....pdata...............^..............@..@.rsrc................b..............@..@.reloc..(............d..............@..B........................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\PublicKey\_ed448.pyd

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):84992
                                                                                                                                                                                                                                                                                                          Entropy (8bit):6.064677498000638
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:1536:BrYNvxcZeLrIeNs2qkTwe57DsuP45PqAqVDK9agdUiwOXyQdDrov0slb8gx4TBKW:Br4vxcZeLrIeN1TvHsuP45yAqVDK9ag3
                                                                                                                                                                                                                                                                                                          MD5:8A0C0AA820E98E83AC9B665A9FD19EAF
                                                                                                                                                                                                                                                                                                          SHA1:6BF5A14E94D81A55A164339F60927D5BF1BAD5C4
                                                                                                                                                                                                                                                                                                          SHA-256:4EE3D122DCFFE78E6E7E76EE04C38D3DC6A066E522EE9F7AF34A09649A3628B1
                                                                                                                                                                                                                                                                                                          SHA-512:52496AE7439458DEDB58A65DF9FFDCC3A7F31FC36FE7202FB43570F9BB03ABC0565F5EF32E5E6C048ED3EBC33018C19712E58FF43806119B2FB5918612299E7E
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......:..P~...~...~...w.3.x...,...|...5...}...~...U...,...u...,...v...,...}.......|............._.............Rich~...................PE..d...^..f.........." .........8......`.....................................................`..........................................C..h...HE..d....p.......`..l...............(....1...............................1..8............0...............................text............................... ..`.rdata.......0......................@..@.data........P.......4..............@....pdata..l....`.......>..............@..@.rsrc........p.......H..............@..@.reloc..(............J..............@..B................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Util\_cpuid_c.pyd

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):10240
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.675380950473425
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:96:frQRpBddzAvzrqTOy/ThIz014mlxuLnkC75JiSBhsPeSztllIDpqf4AZaRcX6gnO:Qddz2KTnThIz0qfteRIDgRWcqgnCWt
                                                                                                                                                                                                                                                                                                          MD5:44B930B89CE905DB4716A548C3DB8DEE
                                                                                                                                                                                                                                                                                                          SHA1:948CBFF12A243C8D17A7ACD3C632EE232DF0F0ED
                                                                                                                                                                                                                                                                                                          SHA-256:921C2D55179C0968535B20E9FD7AF55AD29F4CE4CF87A90FE258C257E2673AA5
                                                                                                                                                                                                                                                                                                          SHA-512:79DF755BE8B01D576557A4CB3F3200E5EE1EDE21809047ABB9FF8D578C535AC1EA0277EDA97109839A7607AF043019F2C297E767441C7E11F81FDC87FD1B6EFC
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........@................../....../...../......+.......*......-......&....................,....Rich...........................PE..d...X..f.........." ................P........................................p............`.........................................@'..|....'..P....P.......@...............`..(....!...............................!..8............ ...............................text............................... ..`.rdata....... ......................@..@.data...H....0....... ..............@....pdata.......@......."..............@..@.rsrc........P.......$..............@..@.reloc..(....`.......&..............@..B........................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\Crypto\Util\_strxor.pyd

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):10240
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.625428549874022
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:96:flipBddzAvzrqTOy/ThIz014mlxuLnkC75JiSBhsPeSzteXuDVZqYNIfcX6gHCWx:Cddz2KTnThIz0qfteR5DVwYkcqgHCWt
                                                                                                                                                                                                                                                                                                          MD5:F24F9356A6BDD29B9EF67509A8BC3A96
                                                                                                                                                                                                                                                                                                          SHA1:A26946E938304B4E993872C6721EB8CC1DCBE43B
                                                                                                                                                                                                                                                                                                          SHA-256:034BB8EFE3068763D32C404C178BD88099192C707A36F5351F7FDB63249C7F81
                                                                                                                                                                                                                                                                                                          SHA-512:C4D3F92D7558BE1A714388C72F5992165DD7A9E1B4FA83B882536030542D93FDAD9148C981F76FFF7868192B301AC9256EDB8C3D5CE5A1A2ACAC183F96C1028B
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........@................../....../...../......+.......*......-......&....................,....Rich...........................PE..d...Z..f.........." ................P........................................p............`......................................... '..t....'..P....P.......@...............`..(....!...............................!..8............ ...............................text...h........................... ..`.rdata..`.... ......................@..@.data...H....0....... ..............@....pdata.......@......."..............@..@.rsrc........P.......$..............@..@.reloc..(....`.......&..............@..B........................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\VCRUNTIME140.dll

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):120400
                                                                                                                                                                                                                                                                                                          Entropy (8bit):6.6017475353076716
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:1536:N9TXF5LLXQLlNycKW+D4SdqJk6aN1ACuyxLiyazYaCVoecbdhgOwAd+zfZ1zu:N9jelDoD9uyxLizzFzecbdPwA87S
                                                                                                                                                                                                                                                                                                          MD5:862F820C3251E4CA6FC0AC00E4092239
                                                                                                                                                                                                                                                                                                          SHA1:EF96D84B253041B090C243594F90938E9A487A9A
                                                                                                                                                                                                                                                                                                          SHA-256:36585912E5EAF83BA9FEA0631534F690CCDC2D7BA91537166FE53E56C221E153
                                                                                                                                                                                                                                                                                                          SHA-512:2F8A0F11BCCC3A8CB99637DEEDA0158240DF0885A230F38BB7F21257C659F05646C6B61E993F87E0877F6BA06B347DDD1FC45D5C44BC4E309EF75ED882B82E4E
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......\=..\...\...\..S$...\...$...\...\..5\...\...\.....\.....\.....\.....\......\.....\..Rich.\..........PE..d.....x.........." ...).$...d............................................................`A........................................0u..4...d}..........................PP...........^..p............................\..@............@...............................text............................... ..`fothk........0...................... ..`.rdata...C...@...D...(..............@..@.data................l..............@....pdata...............p..............@..@_RDATA...............|..............@..@.rsrc................~..............@..@.reloc..............................@..B................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\VCRUNTIME140_1.dll

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):49744
                                                                                                                                                                                                                                                                                                          Entropy (8bit):6.701724666218339
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:768:ApzzO6ujT3MbR3v0Cz6SR8q83yaFdWr9zRcmgEl6U9zSC:9q/oGw3fFdwzRcmZFzSC
                                                                                                                                                                                                                                                                                                          MD5:68156F41AE9A04D89BB6625A5CD222D4
                                                                                                                                                                                                                                                                                                          SHA1:3BE29D5C53808186EBA3A024BE377EE6F267C983
                                                                                                                                                                                                                                                                                                          SHA-256:82A2F9AE1E6146AE3CB0F4BC5A62B7227E0384209D9B1AEF86BBCC105912F7CD
                                                                                                                                                                                                                                                                                                          SHA-512:F7BF8AD7CD8B450050310952C56F6A20B378A972C822CCC253EF3D7381B56FFB3CA6CE3323BEA9872674ED1C02017F78AB31E9EB9927FC6B3CBA957C247E5D57
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......?.{...{...{...0...y.......y...r.H.p...{...H.......|.......`.......~.......z.....$.z.......z...Rich{...........PE..d...l0.?.........." ...).<...8.......@...............................................b....`A........................................pm.......m..x....................r..PP......D....c..p...........................`b..@............P..`............................text....;.......<.................. ..`.rdata.."#...P...$...@..............@..@.data................d..............@....pdata...............f..............@..@.rsrc................l..............@..@.reloc..D............p..............@..B................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\_asyncio.pyd

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):70928
                                                                                                                                                                                                                                                                                                          Entropy (8bit):6.242470629630265
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:768:FCIB0WWuqkJS86D6rznO6uqM+lY5ZkesIcydIJvn/5YiSyvT2ETh:FCY0WStDwnOLYY5ZkeddIJvnx7Sy75h
                                                                                                                                                                                                                                                                                                          MD5:80083B99812171FEA682B1CF38026816
                                                                                                                                                                                                                                                                                                          SHA1:365FB5B0C652923875E1C7720F0D76A495B0E221
                                                                                                                                                                                                                                                                                                          SHA-256:DBEAE7CB6F256998F9D8DE79D08C74D716D819EB4473B2725DBE2D53BA88000A
                                                                                                                                                                                                                                                                                                          SHA-512:33419B9E18E0099DF37D22E33DEBF15D57F4248346B17423F2B55C8DA7CBE62C19AA0BB5740CFAAC9BC6625B81C54367C0C476EAECE71727439686567F0B1234
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........Z...........%.....................................................K...................I...........Rich...................PE..d......g.........." ...).d................................................... ............`.........................................`...P.......d......................../.............T...............................@...............(............................text...)b.......d.................. ..`.rdata...O.......P...h..............@..@.data...`...........................@....pdata..............................@..@.rsrc...............................@..@.reloc..............................@..B........................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\_bz2.pyd

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):84240
                                                                                                                                                                                                                                                                                                          Entropy (8bit):6.607563436050078
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:1536:Kdrz7l1EVLsSuvX3dUK4MLgqK7YEog8y5sV8lIJLVy7SyFB:urzcuvXvrEo7y6V8lIJLVyB
                                                                                                                                                                                                                                                                                                          MD5:CB8C06C8FA9E61E4AC5F22EEBF7F1D00
                                                                                                                                                                                                                                                                                                          SHA1:D8E0DFC8127749947B09F17C8848166BAC659F0D
                                                                                                                                                                                                                                                                                                          SHA-256:FC3B481684B926350057E263622A2A5335B149A0498A8D65C4F37E39DD90B640
                                                                                                                                                                                                                                                                                                          SHA-512:E6DA642B7200BFB78F939F7D8148581259BAA9A5EDDA282C621D14BA88083A9B9BD3D17B701E9CDE77AD1133C39BD93FC9D955BB620546BB4FCF45C68F1EC7D6
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......e...!m..!m..!m..(.o.+m..1...#m..1..."m..1...%m..1...)m..1...,m..i..."m..j...#m..!m..|m..i...)m..i... m..i... m..i... m..Rich!m..........PE..d.....g.........." ...).....\......0........................................P......7[....`.............................................H...(........0....... .. ......../...@..........T...........................`...@...............x............................text............................... ..`.rdata...=.......>..................@..@.data...............................@....pdata.. .... ......................@..@.rsrc........0......................@..@.reloc.......@......................@..B........................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\_cffi_backend.cp313-win_amd64.pyd

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):179200
                                                                                                                                                                                                                                                                                                          Entropy (8bit):6.189919896183334
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3072:X3LjFuaTzDGA3GrJwUdoSPhpRv9JUizQWS7LkSTLkKWgFIPXD0:X3QaT3GA3NSPhDsizTikSTLLWgF0z0
                                                                                                                                                                                                                                                                                                          MD5:5CBA92E7C00D09A55F5CBADC8D16CD26
                                                                                                                                                                                                                                                                                                          SHA1:0300C6B62CD9DB98562FDD3DE32096AB194DA4C8
                                                                                                                                                                                                                                                                                                          SHA-256:0E3D149B91FC7DC3367AB94620A5E13AF6E419F423B31D4800C381468CB8AD85
                                                                                                                                                                                                                                                                                                          SHA-512:7AB432C8774A10F04DDD061B57D07EBA96481B5BB8C663C6ADE500D224C6061BC15D17C74DA20A7C3CEC8BBF6453404D553EBAB22D37D67F9B163D7A15CF1DED
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                          Preview:MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$.......i..#-p.p-p.p-p.p$..p!p.p=.q/p.p=.zp)p.p=.q)p.p=.q%p.p=.q!p.pf..q)p.p9.q.p.p-p.p.p.pe..q)p.p$..p,p.pe..q,p.pe.xp,p.pe..q,p.pRich-p.p........................PE..d..._..f.........." ...).....B......@........................................0............`..........................................h..l....i..................T............ ......0O...............................M..@............................................text............................... ..`.rdata..............................@..@.data....].......0...n..............@....pdata..T...........................@..@.rsrc...............................@..@.reloc....... ......................@..B................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\_ctypes.pyd

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):131344
                                                                                                                                                                                                                                                                                                          Entropy (8bit):6.311142284249784
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3072:3RF024DWkT/DKGkXY402iXnVJf/FO50XnekZ39gPhvEQZIJyPArm:j0nHT/DKFXZorf/FO50uW3SEQt
                                                                                                                                                                                                                                                                                                          MD5:A55E57D7594303C89B5F7A1D1D6F2B67
                                                                                                                                                                                                                                                                                                          SHA1:904A9304A07716497CF3E4EAAFD82715874C94F1
                                                                                                                                                                                                                                                                                                          SHA-256:F63C6C7E71C342084D8F1A108786CA6975A52CEFEF8BE32CC2589E6E2FE060C8
                                                                                                                                                                                                                                                                                                          SHA-512:FFA61AD2A408A831B5D86B201814256C172E764C9C1DBE0BD81A2E204E9E8117C66F5DFA56BB7D74275D23154C0ED8E10D4AE8A0D0564434E9761D754F1997FC
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........h~..............q...............................................q.......q......!u.............................................Rich....................PE..d.....g.........." ...).............h....................................... .......Z....`.........................................P.................................../...........=..T............................;..@............0...............................text............................... ..`.rdata...y...0...z..................@..@.data....$....... ..................@....pdata..............................@..@.rsrc...............................@..@.reloc..............................@..B........................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\_decimal.pyd

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):277776
                                                                                                                                                                                                                                                                                                          Entropy (8bit):6.5855511991551
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:6144:x9iD78EIq4x4OA5bZZ0KDgQcI79qWM53pLW1AFR8E4wXw76TPlpV77777VMvyk:xwDGqr5b8EgQ5+w6k
                                                                                                                                                                                                                                                                                                          MD5:F3377F3DE29579140E2BBAEEFD334D4F
                                                                                                                                                                                                                                                                                                          SHA1:B3076C564DBDFD4CA1B7CC76F36448B0088E2341
                                                                                                                                                                                                                                                                                                          SHA-256:B715D1C18E9A9C1531F21C02003B4C6726742D1A2441A1893BC3D79D7BB50E91
                                                                                                                                                                                                                                                                                                          SHA-512:34D9591590BBA20613691A5287EF329E5927A58127CE399088B4D68A178E3AF67159A8FC55B4FCDCB08AE094753B20DEC2AC3F0B3011481E4ED6F37445CECDD5
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........j2U..\...\...\..s....\..]...\.._...\..X...\..Y...\...]...\..s]...\...].z.\..._...\...Q...\...\...\.......\...^...\.Rich..\.........................PE..d......g.........." ...).....Z...............................................P......W.....`.................................................L........0..........t+......./...@..........T...............................@............... ............................text.............................. ..`.rdata..\...........................@..@.data...8'......."..................@....pdata..t+.......,..................@..@.rsrc........0......................@..@.reloc.......@......................@..B........................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\_hashlib.pyd

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):64272
                                                                                                                                                                                                                                                                                                          Entropy (8bit):6.220967684620152
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:768:eNJI0DWiflFwY9X3Th1JnptE462TxNvdbj4dIJvI75YiSyvE62Em:2LDxflFwY9XDhPfVNv+dIJvIF7Syc6c
                                                                                                                                                                                                                                                                                                          MD5:32D76C9ABD65A5D2671AEEDE189BC290
                                                                                                                                                                                                                                                                                                          SHA1:0D4440C9652B92B40BB92C20F3474F14E34F8D62
                                                                                                                                                                                                                                                                                                          SHA-256:838D5C8B7C3212C8429BAF612623ABBBC20A9023EEC41E34E5461B76A285B86C
                                                                                                                                                                                                                                                                                                          SHA-512:49DC391F4E63F4FF7D65D6FD837332745CC114A334FD61A7B6AA6F710B235339964B855422233FAC4510CCB9A6959896EFE880AB24A56261F78B2A0FD5860CD9
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........W.A.6...6...6...N%..6.......6.......6.......6.......6.......6...N...6.......6...6..26.......6.......6....I..6.......6..Rich.6..........PE..d......g.........." ...).P...~.......=..............................................!.....`.........................................p...P................................/......X....l..T............................k..@............`...............................text....N.......P.................. ..`.rdata...M...`...N...T..............@..@.data...............................@....pdata..............................@..@.rsrc...............................@..@.reloc..X...........................@..B........................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\_lzma.pyd

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):157968
                                                                                                                                                                                                                                                                                                          Entropy (8bit):6.854644275249963
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3072:KbbS4R/G4Z8r7NjwJTSUqCRY4By7znfB9mNowgn0lCelIJ012+j:KbR/8oWeBi5YOwflCe8o
                                                                                                                                                                                                                                                                                                          MD5:1BA022D42024A655CF289544AE461FB8
                                                                                                                                                                                                                                                                                                          SHA1:9772A31083223ECF66751FF3851D2E3303A0764C
                                                                                                                                                                                                                                                                                                          SHA-256:D080EABD015A3569813A220FD4EA74DFF34ED2A8519A10473EB37E22B1118A06
                                                                                                                                                                                                                                                                                                          SHA-512:2B888A2D7467E29968C6BB65AF40D4B5E80722FFDDA760AD74C912F3A2F315D402F3C099FDE82F00F41DE6C9FAAEDB23A643337EB8821E594C567506E3464C62
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........7...V.,.V.,.V.,...,.V.,..-.V.,..-.V.,..-.V.,..-.V.,..-.V.,...-.V.,.V.,.V.,..-.V.,..-.V.,..u,.V.,..-.V.,Rich.V.,................PE..d......g.........." ...).`...........1.......................................p.......P....`.............................................L.......x....P.......0.......:.../...`..4....|..T...........................P{..@............p...............................text...^^.......`.................. ..`.rdata.......p.......d..............@..@.data........ ......................@....pdata.......0......................@..@.rsrc........P......................@..@.reloc..4....`.......8..............@..B........................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\_multiprocessing.pyd

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):35600
                                                                                                                                                                                                                                                                                                          Entropy (8bit):6.416657776501014
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:768:6wehui7ZmQW/3OUDxEiNIJntJ5YiSyvSJz2Ec:whuilG+UDxEiNIJntX7Sy+zO
                                                                                                                                                                                                                                                                                                          MD5:705AC24F30DC9487DC709307D15108ED
                                                                                                                                                                                                                                                                                                          SHA1:E9E6BA24AF9947D8995392145ADF62CAC86BA5D8
                                                                                                                                                                                                                                                                                                          SHA-256:59134B754C6ACA9449E2801E9E7ED55279C4F1ED58FE7A7A9F971C84E8A32A6C
                                                                                                                                                                                                                                                                                                          SHA-512:F5318EBB91F059F0721D75D576B39C7033D566E39513BAD8E7E42CCC922124A5205010415001EE386495F645238E2FF981A8B859F0890DC3DA4363EB978FDBA7
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......2.Y)v.7zv.7zv.7z..zt.7zf,6{t.7zf,4{u.7zf,3{~.7zf,2{{.7z>-6{t.7zv.6z..7z=.6{s.7z>-:{t.7z>-7{w.7z>-.zw.7z>-5{w.7zRichv.7z........PE..d......g.........." ...). ...>......@...............................................%.....`......................................... E..`....E..x............p.......\.../...........4..T............................3..@............0...............................text............ .................. ..`.rdata..6 ...0..."...$..............@..@.data...p....`.......F..............@....pdata.......p.......L..............@..@.rsrc................P..............@..@.reloc...............Z..............@..B................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\_overlapped.pyd

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):55568
                                                                                                                                                                                                                                                                                                          Entropy (8bit):6.3313243577146485
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:1536:+kMm7HdG/l5fW3UguCE+eRIJWtd7SyJds:+wIQUFCEbRIJWtd6
                                                                                                                                                                                                                                                                                                          MD5:A72527454DD6DA346DDB221FC729E3D4
                                                                                                                                                                                                                                                                                                          SHA1:0276387E3E0492A0822DB4EABE23DB8C25EF6E6F
                                                                                                                                                                                                                                                                                                          SHA-256:404353D7B867749FA2893033BD1EBF2E3F75322D4015725D697CFA5E80EC9D0F
                                                                                                                                                                                                                                                                                                          SHA-512:FEFB543D20520F86B63E599A56E2166599DFA117EDB2BEB5E73FC8B43790543702C280A05CCFD9597C0B483F637038283DD48EF8C88B4EA6BAC411EC0043B10A
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........N.{X/.(X/.(X/.(QW_(\/.(H..)Z/.(H..)[/.(H..)P/.(H..)T/.(...)Z/.(X/.(//.(.W.)]/.(.W.)Y/.(...)Y/.(...)Y/.(..3(Y/.(...)Y/.(RichX/.(........................PE..d.....g.........." ...).L...`......@................................................}....`.............................................X................................/......(....f..T............................e..@............`...............................text....J.......L.................. ..`.rdata...8...`...:...P..............@..@.data...@...........................@....pdata..............................@..@.rsrc...............................@..@.reloc..(...........................@..B........................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\_queue.pyd

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):33552
                                                                                                                                                                                                                                                                                                          Entropy (8bit):6.446391764486538
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:384:7GpPCRjqMu/AoS6rf7sif0NHQibZIJ9UoOHQIYiSy1pCQ5xX1rSJIVE8E9VF0Nyf:fkTM6rg9aeZIJ9Uok5YiSyvTo2Et
                                                                                                                                                                                                                                                                                                          MD5:1C03CAA59B5E4A7FB9B998D8C1DA165A
                                                                                                                                                                                                                                                                                                          SHA1:8A318F80A705C64076E22913C2206D9247D30CD7
                                                                                                                                                                                                                                                                                                          SHA-256:B9CF502DADCB124F693BF69ECD7077971E37174104DBDA563022D74961A67E1E
                                                                                                                                                                                                                                                                                                          SHA-512:783ECDA7A155DFC96A718D5A130FB901BBECBED05537434E779135CBA88233DD990D86ECA2F55A852C9BFB975074F7C44D8A3E4558D7C2060F411CE30B6A915F
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........T...........-.........................................................................A...........Rich...................PE..d.....g.........." ...).....:.......................................................r....`.........................................PD..L....D..d....p.......`..l....T.../..........@4..T............................3..@............0...............................text............................... ..`.rdata..2....0....... ..............@..@.data........P.......>..............@....pdata..l....`.......D..............@..@.rsrc........p.......H..............@..@.reloc...............R..............@..B........................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\_socket.pyd

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):83728
                                                                                                                                                                                                                                                                                                          Entropy (8bit):6.331814573029388
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:1536:XuV3gvWHQdMq3ORC/OypTXQlyJ+9+nzEYwsBI6tzOKuZIJywJ7Sy21:XuVQvcQTSypTXQlyJs+nzEYJI6QlZIJY
                                                                                                                                                                                                                                                                                                          MD5:FE896371430BD9551717EF12A3E7E818
                                                                                                                                                                                                                                                                                                          SHA1:E2A7716E9CE840E53E8FC79D50A77F40B353C954
                                                                                                                                                                                                                                                                                                          SHA-256:35246B04C6C7001CA448554246445A845CE116814A29B18B617EA38752E4659B
                                                                                                                                                                                                                                                                                                          SHA-512:67ECD9A07DF0A07EDD010F7E3732F3D829F482D67869D6BCE0C9A61C24C0FDC5FF4F4E4780B9211062A6371945121D8883BA2E9E2CF8EB07B628547312DFE4C9
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$............ll}.ll}.ll}...}.ll}..m|.ll}..o|.ll}..h|.ll}..i|.ll}..m|.ll}.lm}.ll}..m|.ll}..a|.ll}..l|.ll}..}.ll}..n|.ll}Rich.ll}........PE..d.....g.........." ...).x.......... -.......................................`.......s....`.........................................@...P............@.......0.........../...P..........T...........................@...@............................................text....w.......x.................. ..`.rdata.. y.......z...|..............@..@.data...............................@....pdata.......0......................@..@.rsrc........@......................@..@.reloc.......P......................@..B................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\_sqlite3.pyd

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):128272
                                                                                                                                                                                                                                                                                                          Entropy (8bit):6.294497957566744
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3072:N+tZdKmXhyn/qO6ItCpz6j5yQyshiKftdIJvQJL:NGZVwnxHssj5lhiYR
                                                                                                                                                                                                                                                                                                          MD5:D4E5BE27410897AC5771966E33B418C7
                                                                                                                                                                                                                                                                                                          SHA1:5D18FF3CC196557ED40F2F46540B2BFE02901D98
                                                                                                                                                                                                                                                                                                          SHA-256:3E625978D7C55F4B609086A872177C4207FB483C7715E2204937299531394F4C
                                                                                                                                                                                                                                                                                                          SHA-512:4D40B4C6684D3549C35ED96BEDD6707CE32DFAA8071AEADFBC682CF4B7520CFF08472F441C50E0D391A196510F8F073F26AE8B2D1E9B1AF5CF487259CC6CCC09
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........V...7.7.7.Oc..7...7.....7...7.....7.....7...7..O.7.7.6.....7...7.....7...7.Rich.7.........................PE..d......g.........." ...)............................................................[.....`..........................................{..P...P{.........................../..............T...............................@...............H............................text...t........................... ..`.rdata.............................@..@.data...............................@....pdata..............................@..@.rsrc...............................@..@.reloc..............................@..B........................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\_ssl.pyd

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):181520
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.972827303352998
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3072:kO+IWyXHllRhN1qhep7fM6CpqjZI8u7pUULbaLZErWreVEzvT3iFCNc6tYwJc1OW:kpSrhN1E2M6CpUuwg5dEW7
                                                                                                                                                                                                                                                                                                          MD5:1C0E3E447F719FBE2601D0683EA566FC
                                                                                                                                                                                                                                                                                                          SHA1:5321AB73B36675B238AB3F798C278195223CD7B1
                                                                                                                                                                                                                                                                                                          SHA-256:63AE2FEFBFBBBC6EA39CDE0A622579D46FF55134BC8C1380289A2976B61F603E
                                                                                                                                                                                                                                                                                                          SHA-512:E1A430DA2A2F6E0A1AED7A76CC4CD2760B3164ABC20BE304C1DB3541119942508E53EA3023A52B8BADA17A6052A7A51A4453EFAD1A888ACB3B196881226C2E5C
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......FM.^.,k..,k..,k..T...,k...j..,k...h..,k...o..,k...n..,k.J.j..,k...j..,k..,j..-k.ITj..,k.J.f..,k.J.k..,k.J....,k.J.i..,k.Rich.,k.................PE..d......g.........." ...)............ /..............................................R\....`.............................................d................................/..............T...........................P...@............................................text...0........................... ..`.rdata..D%.......&..................@..@.data...`...........................@....pdata...............n..............@..@.rsrc................z..............@..@.reloc..............................@..B................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\_wmi.pyd

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):38160
                                                                                                                                                                                                                                                                                                          Entropy (8bit):6.338856805460127
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:768:fEkK9VgWOZbs3550QcJpPllIJLiX5YiSyvQ602Euf0:fE93jkbQcJvlIJLiJ7Syq00
                                                                                                                                                                                                                                                                                                          MD5:1C30CC7DF3BD168D883E93C593890B43
                                                                                                                                                                                                                                                                                                          SHA1:31465425F349DAE4EDAC9D0FEABC23CE83400807
                                                                                                                                                                                                                                                                                                          SHA-256:6435C679A3A3FF4F16708EBC43F7CA62456C110AC1EA94F617D8052C90C143C7
                                                                                                                                                                                                                                                                                                          SHA-512:267A1807298797B190888F769D998357B183526DFCB25A6F1413E64C5DCCF87F51424B7E5D6F2349D7A19381909AB23B138748D8D9F5858F7DC0552F5C5846AC
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........H2.&a.&a.&a..a.&a..'`.&a..%`.&a.."`.&a..'`.&a..#`.&a..'`.&a.'a..&a.."`.&a../`.&a..&`.&a...a.&a..$`.&aRich.&a................PE..d.....g.........." ...).,...<.......)..............................................'.....`.........................................0V..H...xV.......................f.../......x...tG..T............................C..@............@.......T..@....................text....*.......,.................. ..`.rdata..d ...@..."...0..............@..@.data........p.......R..............@....pdata...............V..............@..@.rsrc................Z..............@..@.reloc..x............d..............@..B................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\base_library.zip

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:Zip archive data, at least v2.0 to extract, compression method=store
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):1394456
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.531698507573688
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:12288:IW7WpLV6yNLeGQbVz3YQfiBgDPtLwjFx278e6ZQnHS91lqyL+DXUgnxOr+dx5/GO:B7WpLtHa9BHSHAW+dx5/GP05vddD
                                                                                                                                                                                                                                                                                                          MD5:A9CBD0455B46C7D14194D1F18CA8719E
                                                                                                                                                                                                                                                                                                          SHA1:E1B0C30BCCD9583949C247854F617AC8A14CBAC7
                                                                                                                                                                                                                                                                                                          SHA-256:DF6C19637D239BFEDC8CD13D20E0938C65E8FDF340622FF334DB533F2D30FA19
                                                                                                                                                                                                                                                                                                          SHA-512:B92468E71490A8800E51410DF7068DD8099E78C79A95666ECF274A9E9206359F049490B8F60B96081FAFD872EC717E67020364BCFA972F26F0D77A959637E528
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:PK..........!..b.e............_collections_abc.pyc......................................\.....S.r.S.S.K.J.r.J.r. .S.S.K.r.\.".\.\.....5.......r.\.".S.5.......r.S...r.\.".\.5.......r.C./.S.Q.r.S.r.\.".\.".S.5.......5.......r.\.".\.".\.".5.......5.......5.......r.\.".\.".0.R%..................5.......5.......5.......r.\.".\.".0.R)..................5.......5.......5.......r.\.".\.".0.R-..................5.......5.......5.......r.\.".\."./.5.......5.......r.\.".\.".\."./.5.......5.......5.......r.\.".\.".\.".S.5.......5.......5.......r.\.".\.".\.".S.S.-...5.......5.......5.......r.\.".\.".\.".5.......5.......5.......r.\.".\.".S.5.......5.......r \.".\.".S.5.......5.......r!\.".\.".\"".5.......5.......5.......r#\.".0.R%..................5.......5.......r$\.".0.R)..................5.......5.......r%\.".0.R-..................5.......5.......r&\.".\.RN..................5.......r(S...r)\)".5.......r*C)\.".S...".5.......5.......r+S...r,\,".5.......r,\.".\,5.......r-\,R]..................5.......

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\certifi\cacert.pem

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):299427
                                                                                                                                                                                                                                                                                                          Entropy (8bit):6.047872935262006
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:6144:QW1x/M8fRR1jplkXURrVADwYCuCigT/QRSRqNb7d8iu5Nahx:QWb/TRJLWURrI5RWavdF08/
                                                                                                                                                                                                                                                                                                          MD5:50EA156B773E8803F6C1FE712F746CBA
                                                                                                                                                                                                                                                                                                          SHA1:2C68212E96605210EDDF740291862BDF59398AEF
                                                                                                                                                                                                                                                                                                          SHA-256:94EDEB66E91774FCAE93A05650914E29096259A5C7E871A1F65D461AB5201B47
                                                                                                                                                                                                                                                                                                          SHA-512:01ED2E7177A99E6CB3FBEF815321B6FA036AD14A3F93499F2CB5B0DAE5B713FD2E6955AA05F6BDA11D80E9E0275040005E5B7D616959B28EFC62ABB43A3238F0
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:.# Issuer: CN=GlobalSign Root CA O=GlobalSign nv-sa OU=Root CA.# Subject: CN=GlobalSign Root CA O=GlobalSign nv-sa OU=Root CA.# Label: "GlobalSign Root CA".# Serial: 4835703278459707669005204.# MD5 Fingerprint: 3e:45:52:15:09:51:92:e1:b7:5d:37:9f:b1:87:29:8a.# SHA1 Fingerprint: b1:bc:96:8b:d4:f4:9d:62:2a:a8:9a:81:f2:15:01:52:a4:1d:82:9c.# SHA256 Fingerprint: eb:d4:10:40:e4:bb:3e:c7:42:c9:e3:81:d3:1e:f2:a4:1a:48:b6:68:5c:96:e7:ce:f3:c1:df:6c:d4:33:1c:99.-----BEGIN CERTIFICATE-----.MIIDdTCCAl2gAwIBAgILBAAAAAABFUtaw5QwDQYJKoZIhvcNAQEFBQAwVzELMAkG.A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv.b3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw05ODA5MDExMjAw.MDBaFw0yODAxMjgxMjAwMDBaMFcxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i.YWxTaWduIG52LXNhMRAwDgYDVQQLEwdSb290IENBMRswGQYDVQQDExJHbG9iYWxT.aWduIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaDuaZ.jc6j40+Kfvvxi4Mla+pIH/EqsLmVEQS98GPR4mdmzxzdzxtIK+6NiY6arymAZavp.xy0Sy6scTHAHoT0KMM0VjU/43dSMUBUc71DuxC73/OlS8pF94G3VNTCOXkNz

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\charset_normalizer\md.cp313-win_amd64.pyd

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):10752
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.818583535960129
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:96:Mvs10hZd9D74ACb0xx2uKynu10YLsgxwJiUNiL0U5IZsJFPGDtCFCCQAADo+cX6m:MXv9XFCk2z1/t12iwU5usJFuCyPcqgE
                                                                                                                                                                                                                                                                                                          MD5:56FE4F6C7E88212161F49E823CCC989A
                                                                                                                                                                                                                                                                                                          SHA1:16D5CBC5F289AD90AEAA4FF7CB828627AC6D4ACF
                                                                                                                                                                                                                                                                                                          SHA-256:002697227449B6D69026D149CFB220AC85D83B13056C8AA6B9DAC3FD3B76CAA4
                                                                                                                                                                                                                                                                                                          SHA-512:7C9D09CF9503F73E6F03D30E54DBB50606A86D09B37302DD72238880C000AE2B64C99027106BA340753691D67EC77B3C6E5004504269508F566BDB5E13615F1E
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........k............r_...........r................................................3..........Rich....................PE..d....$.g.........." ...).....................................................p............`..........................................'..p...`(..d....P.......@...............`..,...`#.............................. "..@............ ...............................text............................... ..`.rdata....... ......................@..@.data........0......."..............@....pdata.......@.......$..............@..@.rsrc........P.......&..............@..@.reloc..,....`.......(..............@..B........................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\charset_normalizer\md__mypyc.cp313-win_amd64.pyd

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):124928
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.953784637413928
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3072:JDE+0ov6ojgN3qN8h51Zlh+YW5E38vCsmLS:JdefPZE2ICDLS
                                                                                                                                                                                                                                                                                                          MD5:10116447F9276F10664BA85A5614BA3A
                                                                                                                                                                                                                                                                                                          SHA1:EFD761A3E6D14E897D37AFB0C7317C797F7AE1D6
                                                                                                                                                                                                                                                                                                          SHA-256:C393098E7803ABF08EE8F7381AD7B0F8FAFFBF66319C05D72823308E898F8CFC
                                                                                                                                                                                                                                                                                                          SHA-512:C04461E52B7FE92D108CBDEB879B7A8553DD552D79C88DFA3F5D0036EED8D4B8C839C0BF2563BC0C796F8280ED2828CA84747CB781D2F26B44214FCA2091EAE4
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........y.....................7...............7.......7.......7.......6..........D....6.......6.......6.......6......Rich............................PE..d....$.g.........." ...).@...........C.......................................0............`.........................................0...d.................................... ......................................P...@............P...............................text....?.......@.................. ..`.rdata..nY...P...Z...D..............@..@.data....=.......0..................@....pdata..............................@..@.rsrc...............................@..@.reloc....... ......................@..B................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\libcrypto-3.dll

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):5232408
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.940072183736028
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:98304:/V+Qs2NuR5YV0L8PQ1CPwDvt3uFlDC4SC9c:9rs2NuDYV0L841CPwDvt3uFlDC4SCa
                                                                                                                                                                                                                                                                                                          MD5:123AD0908C76CCBA4789C084F7A6B8D0
                                                                                                                                                                                                                                                                                                          SHA1:86DE58289C8200ED8C1FC51D5F00E38E32C1AAD5
                                                                                                                                                                                                                                                                                                          SHA-256:4E5D5D20D6D31E72AB341C81E97B89E514326C4C861B48638243BDF0918CFA43
                                                                                                                                                                                                                                                                                                          SHA-512:80FAE0533BA9A2F5FA7806E86F0DB8B6AAB32620DDE33B70A3596938B529F3822856DE75BDDB1B06721F8556EC139D784BC0BB9C8DA0D391DF2C20A80D33CB04
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........._~.._~.._~..V.S.M~.....]~.....[~.....W~.....S~.._~...~......T~..J....~..J...7}..J...^~..J.?.^~..J...^~..Rich_~..........................PE..d......f.........." ...(..7..<......v........................................0P.......O...`...........................................H.0.....O.@....@O.|.... L. .....O../...PO.$...`{D.8............................yD.@.............O..............................text.....7.......7................. ..`.rdata........7.......7.............@..@.data...Ao....K..<....K.............@....pdata....... L.......K.............@..@.idata...%....O..&....N.............@..@.00cfg..u....0O.......N.............@..@.rsrc...|....@O.......N.............@..@.reloc..~....PO.......N.............@..B................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\libffi-8.dll

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):39696
                                                                                                                                                                                                                                                                                                          Entropy (8bit):6.641880464695502
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:768:NiQfxQemQJNrPN+moyijAc5YiSyvkIPxWEqG:dfxIQvPkmoyijP7SytPxF
                                                                                                                                                                                                                                                                                                          MD5:0F8E4992CA92BAAF54CC0B43AACCCE21
                                                                                                                                                                                                                                                                                                          SHA1:C7300975DF267B1D6ADCBAC0AC93FD7B1AB49BD2
                                                                                                                                                                                                                                                                                                          SHA-256:EFF52743773EB550FCC6CE3EFC37C85724502233B6B002A35496D828BD7B280A
                                                                                                                                                                                                                                                                                                          SHA-512:6E1B223462DC124279BFCA74FD2C66FE18B368FFBCA540C84E82E0F5BCBEA0E10CC243975574FA95ACE437B9D8B03A446ED5EE0C9B1B094147CEFAF704DFE978
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........iV...8...8...8..p....8.t9...8.p9...8...9...8.t=...8.t<...8.t;...8.1t<...8.1t;...8.1t8...8.1t:...8.Rich..8.........................PE..d...Sh.c.........." ...".H...(.......L...............................................n....`......................................... l.......p..P...............P....l.../......,...@d...............................c..@............`.. ............................text....G.......H.................. ..`.rdata..h....`.......L..............@..@.data................b..............@....pdata..P............d..............@..@.reloc..,............j..............@..B................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\libssl-3.dll

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):792856
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.57949182561317
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:12288:7LN1sdyIzHHZp5c3nlUa6lxzAG11rbmFe9Xbv:7LgfzH5I3nlUa2AU2Fe9Xbv
                                                                                                                                                                                                                                                                                                          MD5:4FF168AAA6A1D68E7957175C8513F3A2
                                                                                                                                                                                                                                                                                                          SHA1:782F886709FEBC8C7CEBCEC4D92C66C4D5DBCF57
                                                                                                                                                                                                                                                                                                          SHA-256:2E4D35B681A172D3298CAF7DC670451BE7A8BA27C26446EFC67470742497A950
                                                                                                                                                                                                                                                                                                          SHA-512:C372B759B8C7817F2CBB78ECCC5A42FA80BDD8D549965BD925A97C3EEBDCE0335FBFEC3995430064DEAD0F4DB68EBB0134EB686A0BE195630C49F84B468113E3
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........l.>..|m..|m..|m.u.m..|m+.}l..|m.u}l..|m+..l..|m+.xl..|m+.yl..|m..}l..|m..}m..|m..xl..|m..|l..|m...m..|m..~l..|mRich..|m................PE..d......f.........." ...(.>..........K........................................0......!+....`..........................................x...Q..............s.... ...M......./......d...p...8...............................@............................................text....<.......>.................. ..`.rdata..hz...P...|...B..............@..@.data...qN.......H..................@....pdata..pV... ...X..................@..@.idata...c.......d...^..............@..@.00cfg..u...........................@..@.rsrc...s...........................@..@.reloc..C...........................@..B........................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\pyexpat.pyd

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):201488
                                                                                                                                                                                                                                                                                                          Entropy (8bit):6.375994899027017
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:6144:cAPHiRwroqoLHMpCSNVysh9CV2i6P/1vTg:6wrExSU6PdvTg
                                                                                                                                                                                                                                                                                                          MD5:CF2C3D127F11CB2C026E151956745564
                                                                                                                                                                                                                                                                                                          SHA1:B1C8C432FC737D6F455D8F642A4F79AD95A97BD3
                                                                                                                                                                                                                                                                                                          SHA-256:D3E81017B4A82AE1B85E8CD6B9B7EB04D8817E29E5BC9ECE549AC24C8BB2FF23
                                                                                                                                                                                                                                                                                                          SHA-512:FE3A9C8122FFFF4AF7A51DF39D40DF18E9DB3BC4AED6B161A4BE40A586AC93C1901ACDF64CC5BFFF6975D22073558FC7A37399D016296432057B8150848F636E
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........1..P.P.P.(t..P...P...P...P...P....P..(.P.P..P....P....P......P....P.Rich.P.........................PE..d.....g.........." ...)..................................................... ............`............................................P... ............................/..........`4..T........................... 3..@............ ...............................text............................... ..`.rdata....... ......................@..@.data.... ..........................@....pdata..............................@..@.rsrc...............................@..@.reloc..............................@..B................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\python313.dll

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):6083856
                                                                                                                                                                                                                                                                                                          Entropy (8bit):6.126922729922386
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:49152:fXGc3O7T4DKX+vLFMmKYxiAYNBD987KdJlI9HbeX2jrgQcw6Zc4h67mM+XDQ3bLi:Of42zJiwJl/YF7v3vaHDMiEN3Kr
                                                                                                                                                                                                                                                                                                          MD5:B9DE917B925DD246B709BB4233777EFD
                                                                                                                                                                                                                                                                                                          SHA1:775F258D8B530C6EA9F0DD3D1D0B61C1948C25D2
                                                                                                                                                                                                                                                                                                          SHA-256:0C0A66505093B6A4BB3475F716BD3D9552095776F6A124709C13B3F9552C7D99
                                                                                                                                                                                                                                                                                                          SHA-512:F4BF3398F50FDD3AB7E3F02C1F940B4C8B5650ED7AF16C626CCD1B934053BA73A35F96DA03B349C1EB614BB23E0BC6B5CC58B07B7553A5C93C6D23124F324A33
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........s]{v ]{v ]{v M.w!_{v M.. S{v M.u!Y{v M.r!U{v M.s!P{v T.. G{v ..w!V{v ]{w .zv ..{!.{v ..v!\{v ... \{v ..t!\{v Rich]{v ........................PE..d......g.........." ...).:+..T9......J........................................d.....uF]...`...........................................O.....h.P.......d......0].......\../....d..... A3.T.....................I.(....?3.@............P+..............................text....8+......:+................. ..`.rdata....%..P+...%..>+.............@..@.data...$9....P..N....P.............@....pdata.......0]...... U.............@..@PyRuntim.N...._..P....W.............@....rsrc.........d.......[.............@..@.reloc........d.......[.............@..B........................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\pywin32_system32\pywintypes313.dll

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):135680
                                                                                                                                                                                                                                                                                                          Entropy (8bit):6.0205382324631955
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3072:q9GPDeI1KuOQEbULZYY/r06YrqHXmZEdb/XAnLT:GgDJ1vOlbfY/rke3mZE9/XA
                                                                                                                                                                                                                                                                                                          MD5:2A87D04E9E7CBFF67E8EA4F6315C0EBB
                                                                                                                                                                                                                                                                                                          SHA1:CF5B2BB53B37087ECA18E509B8551ED5CB7575D9
                                                                                                                                                                                                                                                                                                          SHA-256:D011068781CFBA0955258505DBE7E5C7D3D0B955E7F7640D2F1019D425278087
                                                                                                                                                                                                                                                                                                          SHA-512:2138E051AC116D3ABE11101C75F8BD8388D7FBA89B15E6F82DC35FD78BDD913ED8BA468769F68440CE7834825806281AA15F0023855E3B8248266414D60A4A44
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......A.J+.z$x.z$x.z$x...x.z$xW.%y.z$xc..x.z$xW.!y.z$xW. y.z$xW.'y.z$xN. y.z$xM.%y.z$xN.%y.z$x.z%x.z$x..-y.z$x..$y.z$x..&y.z$xRich.z$x................PE..d...X..g.........." .........................................................`............`.........................................0...lB......,....@..l.... ...............P..0....a..T............................b..8...............p............................text...9........................... ..`.rdata..............................@..@.data....-.......(..................@....pdata....... ......................@..@.rsrc...l....@......................@..@.reloc..0....P......................@..B................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\select.pyd

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):30992
                                                                                                                                                                                                                                                                                                          Entropy (8bit):6.554484610649281
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:384:7hhxm9tKLhuoNHfzzlvFy0ZZIJ9GckHQIYiSy1pCQ4HWSJIVE8E9VF0Ny6sC:tCytHf98uZIJ9Gx5YiSyvy2ES
                                                                                                                                                                                                                                                                                                          MD5:20831703486869B470006941B4D996F2
                                                                                                                                                                                                                                                                                                          SHA1:28851DFD43706542CD3EF1B88B5E2749562DFEE0
                                                                                                                                                                                                                                                                                                          SHA-256:78E5994C29D8851F28B5B12D59D742D876683AEA58ECEEA1FB895B2036CDCDEB
                                                                                                                                                                                                                                                                                                          SHA-512:4AAF5D66D2B73F939B9A91E7EDDFEB2CE2476C625586EF227B312230414C064AA850B02A4028363AA4664408C9510594754530A6D026A0A84BE0168D677C1BC4
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........tV..'V..'V..'_.j'T..'F:.&T..'F:.&R..'F:.&^..'F:.&Z..'.;.&T..'V..'...'...&S..'.;.&W..'.;.&W..'.;.'W..'.;.&W..'RichV..'................PE..d.....g.........." ...).....2............................................................`..........................................@..L...<A..x....p.......`.......J.../......L....3..T............................2..@............0...............................text............................... ..`.rdata.......0......................@..@.data...p....P.......8..............@....pdata.......`.......:..............@..@.rsrc........p.......>..............@..@.reloc..L............H..............@..B........................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\setuptools\_vendor\importlib_metadata-8.0.0.dist-info\INSTALLER

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):4
                                                                                                                                                                                                                                                                                                          Entropy (8bit):1.5
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:Mn:M
                                                                                                                                                                                                                                                                                                          MD5:365C9BFEB7D89244F2CE01C1DE44CB85
                                                                                                                                                                                                                                                                                                          SHA1:D7A03141D5D6B1E88B6B59EF08B6681DF212C599
                                                                                                                                                                                                                                                                                                          SHA-256:CEEBAE7B8927A3227E5303CF5E0F1F7B34BB542AD7250AC03FBCDE36EC2F1508
                                                                                                                                                                                                                                                                                                          SHA-512:D220D322A4053D84130567D626A9F7BB2FB8F0B854DA1621F001826DC61B0ED6D3F91793627E6F0AC2AC27AEA2B986B6A7A63427F05FE004D8A2ADFBDADC13C1
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:pip.

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\setuptools\_vendor\importlib_metadata-8.0.0.dist-info\LICENSE

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):11358
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.4267168336581415
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:192:nU6G5KXSD9VYUKhu1JVF9hFGvV/QiGkS594drFjuHYx5dvTrLh3kTSEn7HbHR:U9vlKM1zJlFvmNz5VrlkTS07Ht
                                                                                                                                                                                                                                                                                                          MD5:3B83EF96387F14655FC854DDC3C6BD57
                                                                                                                                                                                                                                                                                                          SHA1:2B8B815229AA8A61E483FB4BA0588B8B6C491890
                                                                                                                                                                                                                                                                                                          SHA-256:CFC7749B96F63BD31C3C42B5C471BF756814053E847C10F3EB003417BC523D30
                                                                                                                                                                                                                                                                                                          SHA-512:98F6B79B778F7B0A15415BD750C3A8A097D650511CB4EC8115188E115C47053FE700F578895C097051C9BC3DFB6197C2B13A15DE203273E1A3218884F86E90E8
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:. Apache License. Version 2.0, January 2004. http://www.apache.org/licenses/.. TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION.. 1. Definitions... "License" shall mean the terms and conditions for use, reproduction,. and distribution as defined by Sections 1 through 9 of this document... "Licensor" shall mean the copyright owner or entity authorized by. the copyright owner that is granting the License... "Legal Entity" shall mean the union of the acting entity and all. other entities that control, are controlled by, or are under common. control with that entity. For the purposes of this definition,. "control" means (i) the power, direct or indirect, to cause the. direction or management of such entity, whether by contract or. otherwise, or (ii) ownership of fifty percent (50%) or more of the. outstanding shares, or (iii) beneficial own

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\setuptools\_vendor\importlib_metadata-8.0.0.dist-info\METADATA

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):4648
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.006900644756252
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:96:Dx2ZSaCSmS8R902Vpnu386eLQ9Ac+fFZpDN00x2jZ2SBXZJSwTE:9Smzf02Vpnu386mQ9B+TP0vJHJSwTE
                                                                                                                                                                                                                                                                                                          MD5:98ABEAACC0E0E4FC385DFF67B607071A
                                                                                                                                                                                                                                                                                                          SHA1:E8C830D8B0942300C7C87B3B8FD15EA1396E07BD
                                                                                                                                                                                                                                                                                                          SHA-256:6A7B90EFFEE1E09D5B484CDF7232016A43E2D9CC9543BCBB8E494B1EC05E1F59
                                                                                                                                                                                                                                                                                                          SHA-512:F1D59046FFA5B0083A5259CEB03219CCDB8CC6AAC6247250CBD83E70F080784391FCC303F7630E1AD40E5CCF5041A57CB9B68ADEFEC1EBC6C31FCF7FFC65E9B7
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:Metadata-Version: 2.1.Name: importlib_metadata.Version: 8.0.0.Summary: Read metadata from Python packages.Author-email: "Jason R. Coombs" <jaraco@jaraco.com>.Project-URL: Source, https://github.com/python/importlib_metadata.Classifier: Development Status :: 5 - Production/Stable.Classifier: Intended Audience :: Developers.Classifier: License :: OSI Approved :: Apache Software License.Classifier: Programming Language :: Python :: 3.Classifier: Programming Language :: Python :: 3 :: Only.Requires-Python: >=3.8.Description-Content-Type: text/x-rst.License-File: LICENSE.Requires-Dist: zipp >=0.5.Requires-Dist: typing-extensions >=3.6.4 ; python_version < "3.8".Provides-Extra: doc.Requires-Dist: sphinx >=3.5 ; extra == 'doc'.Requires-Dist: jaraco.packaging >=9.3 ; extra == 'doc'.Requires-Dist: rst.linker >=1.9 ; extra == 'doc'.Requires-Dist: furo ; extra == 'doc'.Requires-Dist: sphinx-lint ; extra == 'doc'.Requires-Dist: jaraco.tidelift >=1.4 ; extra == 'doc'.Provides-Extra: perf.Requires-D

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\setuptools\_vendor\importlib_metadata-8.0.0.dist-info\RECORD

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:CSV text
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):2518
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.6307766747793275
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:48:UnuXTg06U5J/Vw9l/gfNX7/XzBk9pvJq/fwJOfYrBfnJ/V0XJnzN/3WJV:bXzP/EgdzzBkDJsoIYrBfJ/CXNz9qV
                                                                                                                                                                                                                                                                                                          MD5:EB513CAFA5226DDA7D54AFDCC9AD8A74
                                                                                                                                                                                                                                                                                                          SHA1:B394C7AEC158350BAF676AE3197BEF4D7158B31C
                                                                                                                                                                                                                                                                                                          SHA-256:0D8D3C6EEB9EBBE86CAC7D60861552433C329DA9EA51248B61D02BE2E5E64030
                                                                                                                                                                                                                                                                                                          SHA-512:A0017CFAFF47FDA6067E3C31775FACEE4728C3220C2D4BD70DEF328BD20AA71A343E39DA15CD6B406F62311894C518DFCF5C8A4AE6F853946F26A4B4E767924E
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:importlib_metadata-8.0.0.dist-info/INSTALLER,sha256=zuuue4knoyJ-UwPPXg8fezS7VCrXJQrAP7zeNuwvFQg,4..importlib_metadata-8.0.0.dist-info/LICENSE,sha256=z8d0m5b2O9McPEK1xHG_dWgUBT6EfBDz6wA0F7xSPTA,11358..importlib_metadata-8.0.0.dist-info/METADATA,sha256=anuQ7_7h4J1bSEzfcjIBakPi2cyVQ7y7jklLHsBeH1k,4648..importlib_metadata-8.0.0.dist-info/RECORD,,..importlib_metadata-8.0.0.dist-info/REQUESTED,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0..importlib_metadata-8.0.0.dist-info/WHEEL,sha256=mguMlWGMX-VHnMpKOjjQidIo1ssRlCFu4a4mBpz1s2M,91..importlib_metadata-8.0.0.dist-info/top_level.txt,sha256=CO3fD9yylANiXkrMo4qHLV_mqXL2sC5JFKgt1yWAT-A,19..importlib_metadata/__init__.py,sha256=tZNB-23h8Bixi9uCrQqj9Yf0aeC--Josdy3IZRIQeB0,33798..importlib_metadata/__pycache__/__init__.cpython-312.pyc,,..importlib_metadata/__pycache__/_adapters.cpython-312.pyc,,..importlib_metadata/__pycache__/_collections.cpython-312.pyc,,..importlib_metadata/__pycache__/_compat.cpython-312.pyc,,..importlib_metadata/__pycac

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\setuptools\_vendor\importlib_metadata-8.0.0.dist-info\WHEEL

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):91
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.687870576189661
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:RtEeXMRYFAVLMvhRRP+tPCCfA5S:RtC1VLMvhjWBBf
                                                                                                                                                                                                                                                                                                          MD5:7D09837492494019EA51F4E97823D79F
                                                                                                                                                                                                                                                                                                          SHA1:7829B4324BB542799494131A270EC3BDAD4DEDEF
                                                                                                                                                                                                                                                                                                          SHA-256:9A0B8C95618C5FE5479CCA4A3A38D089D228D6CB1194216EE1AE26069CF5B363
                                                                                                                                                                                                                                                                                                          SHA-512:A0063220ECDD22C3E735ACFF6DE559ACF3AC4C37B81D37633975A22A28B026F1935CD1957C0FF7D2ECC8B7F83F250310795EECC5273B893FFAB115098F7B9C38
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:Wheel-Version: 1.0.Generator: setuptools (70.1.1).Root-Is-Purelib: true.Tag: py3-none-any..

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\setuptools\_vendor\importlib_metadata-8.0.0.dist-info\top_level.txt

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):19
                                                                                                                                                                                                                                                                                                          Entropy (8bit):3.536886723742169
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:JSej0EBERG:50o4G
                                                                                                                                                                                                                                                                                                          MD5:A24465F7850BA59507BF86D89165525C
                                                                                                                                                                                                                                                                                                          SHA1:4E61F9264DE74783B5924249BCFE1B06F178B9AD
                                                                                                                                                                                                                                                                                                          SHA-256:08EDDF0FDCB29403625E4ACCA38A872D5FE6A972F6B02E4914A82DD725804FE0
                                                                                                                                                                                                                                                                                                          SHA-512:ECF1F6B777970F5257BDDD353305447083008CEBD8E5A27C3D1DA9C7BDC3F9BF3ABD6881265906D6D5E11992653185C04A522F4DB5655FF75EEDB766F93D5D48
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:importlib_metadata.

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\setuptools\_vendor\jaraco\text\Lorem ipsum.txt

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (888)
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):1335
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.226823573023539
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:24:FP6Hbz+g9RPZ14bJi04L6GEbX4UQF4UkZQhxI2EIhNyu:9E+i6bJmLm43+Uxxnh0u
                                                                                                                                                                                                                                                                                                          MD5:4CE7501F6608F6CE4011D627979E1AE4
                                                                                                                                                                                                                                                                                                          SHA1:78363672264D9CD3F72D5C1D3665E1657B1A5071
                                                                                                                                                                                                                                                                                                          SHA-256:37FEDCFFBF73C4EB9F058F47677CB33203A436FF9390E4D38A8E01C9DAD28E0B
                                                                                                                                                                                                                                                                                                          SHA-512:A4CDF92725E1D740758DA4DD28DF5D1131F70CEF46946B173FE6956CC0341F019D7C4FECC3C9605F354E1308858721DADA825B4C19F59C5AD1CE01AB84C46B24
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum..Curabitur pretium tincidunt lacus. Nulla gravida orci a odio. Nullam varius, turpis et commodo pharetra, est eros bibendum elit, nec luctus magna felis sollicitudin mauris. Integer in mauris eu nibh euismod gravida. Duis ac tellus et risus vulputate vehicula. Donec lobortis risus a elit. Etiam tempor. Ut ullamcorper, ligula eu tempor congue, eros est euismod turpis, id tincidunt sapien risus a quam. Maecenas fermentum consequat mi. Donec fermentum. Pellentesque malesuada nulla a mi. Duis sapien sem, aliquet nec, commodo eget, consequat quis, neque.

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\setuptools\_vendor\wheel-0.43.0.dist-info\INSTALLER

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):4
                                                                                                                                                                                                                                                                                                          Entropy (8bit):1.5
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:Mn:M
                                                                                                                                                                                                                                                                                                          MD5:365C9BFEB7D89244F2CE01C1DE44CB85
                                                                                                                                                                                                                                                                                                          SHA1:D7A03141D5D6B1E88B6B59EF08B6681DF212C599
                                                                                                                                                                                                                                                                                                          SHA-256:CEEBAE7B8927A3227E5303CF5E0F1F7B34BB542AD7250AC03FBCDE36EC2F1508
                                                                                                                                                                                                                                                                                                          SHA-512:D220D322A4053D84130567D626A9F7BB2FB8F0B854DA1621F001826DC61B0ED6D3F91793627E6F0AC2AC27AEA2B986B6A7A63427F05FE004D8A2ADFBDADC13C1
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:pip.

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\setuptools\_vendor\wheel-0.43.0.dist-info\LICENSE.txt

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):1107
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.115074330424529
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:24:PWmrRONJHLH0cPP3gtkHw1h39QHOsUv4eOk4/+jvho3nPz:ttONJbbvE/NQHOs5eNS3n7
                                                                                                                                                                                                                                                                                                          MD5:7FFB0DB04527CFE380E4F2726BD05EBF
                                                                                                                                                                                                                                                                                                          SHA1:5B39C45A91A556E5F1599604F1799E4027FA0E60
                                                                                                                                                                                                                                                                                                          SHA-256:30C23618679108F3E8EA1D2A658C7CA417BDFC891C98EF1A89FA4FF0C9828654
                                                                                                                                                                                                                                                                                                          SHA-512:205F284F3A7E8E696C70ED7B856EE98C1671C68893F0952EEC40915A383BC452B99899BDC401F9FE161A1BF9B6E2CEA3BCD90615EEE9173301657A2CE4BAFE14
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:MIT License..Copyright (c) 2012 Daniel Holth <dholth@fastmail.fm> and contributors..Permission is hereby granted, free of charge, to any person obtaining a.copy of this software and associated documentation files (the "Software"),.to deal in the Software without restriction, including without limitation.the rights to use, copy, modify, merge, publish, distribute, sublicense,.and/or sell copies of the Software, and to permit persons to whom the.Software is furnished to do so, subject to the following conditions:..The above copyright notice and this permission notice shall be included.in all copies or substantial portions of the Software...THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR.IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,.FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL.THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR.OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERW

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\setuptools\_vendor\wheel-0.43.0.dist-info\METADATA

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:Unicode text, UTF-8 text
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):2153
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.088249746074878
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:48:DEhpFu5MktjaywDK48d+md+7uT8RfkD1UKd+mOl1Awry:DEhpiMktjayq/7kOfsUzmbYy
                                                                                                                                                                                                                                                                                                          MD5:EBEA27DA14E3F453119DC72D84343E8C
                                                                                                                                                                                                                                                                                                          SHA1:7CEB6DBE498B69ABF4087637C6F500742FF7E2B4
                                                                                                                                                                                                                                                                                                          SHA-256:59BAC22B00A59D3E5608A56B8CF8EFC43831A36B72792EE4389C9CD4669C7841
                                                                                                                                                                                                                                                                                                          SHA-512:A41593939B9325D40CB67FD3F41CD1C9E9978F162487FB469094C41440B5F48016B9A66BE2E6E4A0406D6EEDB25CE4F5A860BA1E3DC924B81F63CEEE3AE31117
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:Metadata-Version: 2.1.Name: wheel.Version: 0.43.0.Summary: A built-package format for Python.Keywords: wheel,packaging.Author-email: Daniel Holth <dholth@fastmail.fm>.Maintainer-email: Alex Gr.nholm <alex.gronholm@nextday.fi>.Requires-Python: >=3.8.Description-Content-Type: text/x-rst.Classifier: Development Status :: 5 - Production/Stable.Classifier: Intended Audience :: Developers.Classifier: Topic :: System :: Archiving :: Packaging.Classifier: License :: OSI Approved :: MIT License.Classifier: Programming Language :: Python.Classifier: Programming Language :: Python :: 3 :: Only.Classifier: Programming Language :: Python :: 3.8.Classifier: Programming Language :: Python :: 3.9.Classifier: Programming Language :: Python :: 3.10.Classifier: Programming Language :: Python :: 3.11.Classifier: Programming Language :: Python :: 3.12.Requires-Dist: pytest >= 6.0.0 ; extra == "test".Requires-Dist: setuptools >= 65 ; extra == "test".Project-URL: Changelog, https://wheel.readthedocs.io/en/s

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\setuptools\_vendor\wheel-0.43.0.dist-info\RECORD

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:CSV text
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):4557
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.714200636114494
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:96:QXVuEmegx01TQIvFCiq9H/H7vp88FxTXiJPkGJP4CWweXQHmnDpMI78IegK5EeZR:QXVxAbYkU4CWweXQHmnDpMeV2BvTRqQF
                                                                                                                                                                                                                                                                                                          MD5:44D352C4997560C7BFB82D9360F5985A
                                                                                                                                                                                                                                                                                                          SHA1:BE58C7B8AB32790384E4E4F20865C4A88414B67A
                                                                                                                                                                                                                                                                                                          SHA-256:783E654742611AF88CD9F00BF01A431A219DB536556E63FF981C7BD673070AC9
                                                                                                                                                                                                                                                                                                          SHA-512:281B1D939A560E6A08D0606E5E8CE15F086B4B45738AB41ED6B5821968DC8D764CD6B25DB6BA562A07018C271ABF17A6BC5A380FAD05696ADF1D11EE2C5749C8
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:../../bin/wheel,sha256=cT2EHbrv-J-UyUXu26cDY-0I7RgcruysJeHFanT1Xfo,249..wheel-0.43.0.dist-info/INSTALLER,sha256=zuuue4knoyJ-UwPPXg8fezS7VCrXJQrAP7zeNuwvFQg,4..wheel-0.43.0.dist-info/LICENSE.txt,sha256=MMI2GGeRCPPo6h0qZYx8pBe9_IkcmO8aifpP8MmChlQ,1107..wheel-0.43.0.dist-info/METADATA,sha256=WbrCKwClnT5WCKVrjPjvxDgxo2tyeS7kOJyc1GaceEE,2153..wheel-0.43.0.dist-info/RECORD,,..wheel-0.43.0.dist-info/REQUESTED,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0..wheel-0.43.0.dist-info/WHEEL,sha256=EZbGkh7Ie4PoZfRQ8I0ZuP9VklN_TvcZ6DSE5Uar4z4,81..wheel-0.43.0.dist-info/entry_points.txt,sha256=rTY1BbkPHhkGMm4Q3F0pIzJBzW2kMxoG1oriffvGdA0,104..wheel/__init__.py,sha256=D6jhH00eMzbgrXGAeOwVfD5i-lCAMMycuG1L0useDlo,59..wheel/__main__.py,sha256=NkMUnuTCGcOkgY0IBLgBCVC_BGGcWORx2K8jYGS12UE,455..wheel/__pycache__/__init__.cpython-312.pyc,,..wheel/__pycache__/__main__.cpython-312.pyc,,..wheel/__pycache__/_setuptools_logging.cpython-312.pyc,,..wheel/__pycache__/bdist_wheel.cpython-312.pyc,,..wheel/__pycache

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\setuptools\_vendor\wheel-0.43.0.dist-info\WHEEL

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):81
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.672346887071811
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:RtEeX/QFM+vxP+tPCCfA5I:Rt1Qq2WBB3
                                                                                                                                                                                                                                                                                                          MD5:24019423EA7C0C2DF41C8272A3791E7B
                                                                                                                                                                                                                                                                                                          SHA1:AAE9ECFB44813B68CA525BA7FA0D988615399C86
                                                                                                                                                                                                                                                                                                          SHA-256:1196C6921EC87B83E865F450F08D19B8FF5592537F4EF719E83484E546ABE33E
                                                                                                                                                                                                                                                                                                          SHA-512:09AB8E4DAA9193CFDEE6CF98CCAE9DB0601F3DCD4944D07BF3AE6FA5BCB9DC0DCAFD369DE9A650A38D1B46C758DB0721EBA884446A8A5AD82BB745FD5DB5F9B1
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:Wheel-Version: 1.0.Generator: flit 3.9.0.Root-Is-Purelib: true.Tag: py3-none-any.

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\setuptools\_vendor\wheel-0.43.0.dist-info\entry_points.txt

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):104
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.271713330022269
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:1SSAnAYgh+MWTMhk6WjrAM5t5ln:1Jb9WTMhk9jUM5t5ln
                                                                                                                                                                                                                                                                                                          MD5:6180E17C30BAE5B30DB371793FCE0085
                                                                                                                                                                                                                                                                                                          SHA1:E3A12C421562A77D90A13D8539A3A0F4D3228359
                                                                                                                                                                                                                                                                                                          SHA-256:AD363505B90F1E1906326E10DC5D29233241CD6DA4331A06D68AE27DFBC6740D
                                                                                                                                                                                                                                                                                                          SHA-512:69EAE7B1E181D7BA1D3E2864D31E1320625A375E76D3B2FBF8856B3B6515936ACE3138D4D442CABDE7576FCFBCBB0DEED054D90B95CFA1C99829DB12A9031E26
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:[console_scripts].wheel=wheel.cli:main..[distutils.commands].bdist_wheel=wheel.bdist_wheel:bdist_wheel..

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\sqlite3.dll

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):1540368
                                                                                                                                                                                                                                                                                                          Entropy (8bit):6.577233901213655
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:24576:cmKZpHTv4iPI9FDgJNRs++l8GwLXSz4ih5Z5jWbsxuIl40OwumzuLxIhiE:0rJoDgJNRs+U8GwLXSMIZ5jWb0uIl48R
                                                                                                                                                                                                                                                                                                          MD5:7E632F3263D5049B14F5EDC9E7B8D356
                                                                                                                                                                                                                                                                                                          SHA1:92C5B5F96F1CBA82D73A8F013CBAF125CD0898B8
                                                                                                                                                                                                                                                                                                          SHA-256:66771FBD64E2D3B8514DD0CD319A04CA86CE2926A70F7482DDEC64049E21BE38
                                                                                                                                                                                                                                                                                                          SHA-512:CA1CC67D3EB63BCA3CE59EF34BECCE48042D7F93B807FFCD4155E4C4997DC8B39919AE52AB4E5897AE4DBCB47592C4086FAC690092CAA7AA8D3061FBA7FE04A2
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......gsX.#.6.#.6.#.6.*j../.6.3.7.!.6.3.5.'.6.3.2.+.6.3.3...6.hj7. .6.#.7...6.k.>.".6.k.6.".6.k..".6.k.4.".6.Rich#.6.........................PE..d.....g.........." ...).0...(.......................................................P....`..............................................#...........`...............R.../...p..X...0...T..............................@............@..X............................text...9........0.................. ..`.rdata..,....@.......4..............@..@.data...`M...0...D..................@....pdata...............\..............@..@.rsrc........`.......8..............@..@.reloc..X....p.......B..............@..B........................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\unicodedata.pyd

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):709904
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.861739047785334
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:12288:FYGdLI/X77mvfldCKGihH32W3cnPSqrUgLIe:FYGW7qNxr3cnPXLIe
                                                                                                                                                                                                                                                                                                          MD5:0902D299A2A487A7B0C2D75862B13640
                                                                                                                                                                                                                                                                                                          SHA1:04BCBD5A11861A03A0D323A8050A677C3A88BE13
                                                                                                                                                                                                                                                                                                          SHA-256:2693C7EE4FBA55DC548F641C0CB94485D0E18596FFEF16541BD43A5104C28B20
                                                                                                                                                                                                                                                                                                          SHA-512:8CBEF5A9F2D24DA1014F8F1CCBDDD997A084A0B04DD56BCB6AC38DDB636D05EF7E4EA7F67A085363AAD3F43D45413914E55BDEF14A662E80BE955E6DFC2FECA3
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........Q.............(.....(.....(.....(.....)................).....).....)x....)....Rich..................PE..d.....g.........." ...).B...f......P,..............................................<.....`.........................................P...X................................/..........p...T...........................0...@............`..h............................text....@.......B.................. ..`.rdata...?...`...@...F..............@..@.data...............................@....pdata..............................@..@.rsrc...............................@..@.reloc..............................@..B........................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI68482\win32\win32crypt.pyd

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):125440
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.967992588245897
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:1536:7ErQXAv52qRoQ79rwlaGVBA+xdPQQL1kUgZAO+sm2c83mL7g2kbB47a:7EgCiQ9roEoJptO+1pRL7ghbB47a
                                                                                                                                                                                                                                                                                                          MD5:94049E023814436E0A3560474F7057D1
                                                                                                                                                                                                                                                                                                          SHA1:28DDCCEE782B9613CE06224E2C80F67FBB2E16C7
                                                                                                                                                                                                                                                                                                          SHA-256:306022128185B4608E49400B7A3FD5954FF524C201D989833CB3AA5856562E97
                                                                                                                                                                                                                                                                                                          SHA-512:FCC00194624B668B39AB29D9D07F080668FB564C6558A9AB8E736052FB8CA596803A4B03DEE827BE915ACCB65251804A7661E976D314A453806D67DCE1269CF6
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........g..I...I...I...@~r.O....s..M....s..Y....s..A....s..J...s..K.......K....~..N...I......s..@...s..H...s..H...RichI...........................PE..d...e..g.........." ................(........................................0............`.............................................................d.................... ..H....W..T............................W..8............ ...............................text...~........................... ..`.rdata..p.... ......................@..@.data....-.......(..................@....pdata..............................@..@.rsrc...d...........................@..@.reloc..H.... ......................@..B................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\aea9f42a-5c46-4c7a-b198-11b9aff3cd77.tmp

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:Google Chrome extension, version 3
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):138356
                                                                                                                                                                                                                                                                                                          Entropy (8bit):7.809609231921042
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3072:AQ++ZdS5+fnwcxO+XwquyeNnmraugZ/1DOoncWD/5q:AQ++/PZmlyeNnh/1SmRq
                                                                                                                                                                                                                                                                                                          MD5:3F6F93C3DCCD4A91C4EB25C7F6FEB1C1
                                                                                                                                                                                                                                                                                                          SHA1:9B73F46ADFA1F4464929B408407E73D4535C6827
                                                                                                                                                                                                                                                                                                          SHA-256:19F05352CB4C6E231C1C000B6C8B7E9EDCC1E8082CAF46FFF16B239D32AA7C9E
                                                                                                                                                                                                                                                                                                          SHA-512:D488FA67E3A29D0147E9EAF2EABC74D9A255F8470CF79A4AEA60E3B3B5E48A3FCBC4FC3E9CE58DFF8D7D0CAA8AE749295F221E1FE1BA5D20DEB2D97544A12BA4
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:Cr24..............0.."0...*.H.............0.........^...1"...w.g..t..2J.G1.)X4..=&.?[j,Lz..j.u.e[I.q*Ba/X...P.h..L.....2%3_o.......H.)'.=.e...?.......j..3UH.|.X.M..u..s[.*..?$....F%....I....)..,-./.e5).f..O.q.^........9..(.._.ph2..^.YBPXf_8....h[.v...S.*1`.#..5.SF.:f-.#.65.i..b.]9...y2.'....k[........q.a.....E..i.t,..7C..7!...`l.-.......T.vH...~.....'..aH..C.oJOE..d..2..$J......I..;.(9l.(..+.N.6.@...].a.n.S.6..=.b.W.\....o...#.~J.W.1..E...2H....S.g0....../.H...y.O8...kE.,..m!..F.D.p......H..s.W ...#.L........Ij.........-..n..\..vD.d.V.....!......[0Y0...*.H.=....*.H.=....B..............r...2..+Y.I...k..bR.j5Sl..8.......H"i.-l..`.Q.{...F0D. ?Eq.M...[6^...+.].G..Y]...7..o.. U...v....P.J...@.E!...B.d..p..i".%............oo.<....~=..!t.+...`....h..LK....0....h...,.R%.....u...._..V_.q:_._..5}.uS\.....x?...~]..C-....S=L...._c.P.B....-M...62.i*.Q.....9.....+S=...../6:...W..ql/g..&j.y..{.."....|..F....|....V....w.%t.y..?..&..a..<.n....S+|..=.ra.....

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\c1c572fd-585c-4903-9a34-45e526614ab9.tmp

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JPEG image data, comment: "Lavc59.36.100", baseline, precision 8, 1280x720, components 3
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):247862
                                                                                                                                                                                                                                                                                                          Entropy (8bit):7.979773520722768
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3072:4KO7ZlIwvazVelM733/+xaV3SRsxuJ2IE/6gqE9sv8ZE3DABewY2xqvGJFaKOBpO:0nYV2Ef+x7sX1/6VE9q3we1vGAhoWe
                                                                                                                                                                                                                                                                                                          MD5:37DEF3B7E8605FB202F675606BE81476
                                                                                                                                                                                                                                                                                                          SHA1:19EE229E18B5548681C6E17122E9C577676C45C3
                                                                                                                                                                                                                                                                                                          SHA-256:2436108FF6EC2D1325923C779E74906EED47A1BE0869119C291DA17EA091A0A9
                                                                                                                                                                                                                                                                                                          SHA-512:236D51C52F2E8401D9CE06BF2658B5592FAE9E958DA947E625AE7B8F9CB3B490C87487CDB1F555C34263D8DF555BB18D19A58C6BBBFA8F5C24C1A3B9800BA9BF
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:.....XICC_PROFILE......HLino....mntrRGB XYZ .........1..acspMSFT....IEC sRGB.......................-HP ................................................cprt...P...3desc.......lwtpt........bkpt........rXYZ........gXYZ...,....bXYZ...@....dmnd...T...pdmdd........vued...L....view.......$lumi........meas.......$tech...0....rTRC...<....gTRC...<....bTRC...<....text....Copyright (c) 1998 Hewlett-Packard Company..desc........sRGB IEC61966-2.1............sRGB IEC61966-2.1..................................................XYZ .......Q........XYZ ................XYZ ......o...8.....XYZ ......b.........XYZ ......$.........desc........IEC http://www.iec.ch............IEC http://www.iec.ch..............................................desc........IEC 61966-2.1 Default RGB colour space - sRGB............IEC 61966-2.1 Default RGB colour space - sRGB......................desc.......,Reference Viewing Condition in IEC61966-2.1...........,Reference Viewing Condition in IEC61966-2.1..........................

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\cv_debug.log

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):2110
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.403786624723737
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:48:Yzj57SnaJ57H57Uv5W1Sj5W175zuR5z+5zn071eDJk5c1903bj5jJp0gcU854Rrg:8e2Fa116uCntc5toYkNgWMM
                                                                                                                                                                                                                                                                                                          MD5:95D03D9787BC84FEE7997EF44B75CA7A
                                                                                                                                                                                                                                                                                                          SHA1:26ABE1F5DA444003A112D05F5C20A42979C894DA
                                                                                                                                                                                                                                                                                                          SHA-256:A2A0214A7F7ED444578708AF59994A5249C4D63753B500C16AD86109FAC5FE58
                                                                                                                                                                                                                                                                                                          SHA-512:4F32439B547217B0DA0CF51D4667C052E0C5DA34E26C69C093591668810601653505B9E5266A0D861E32085791CAEDE5B7AAF1B44A0D48138084C0CC2F1418AE
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{"logTime": "1004/133448", "correlationVector":"vYS73lRT+EoO2Owh9jsc+Y","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1004/133448", "correlationVector":"n/KhuHPhHmYXokB31+JZz7","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1004/133448", "correlationVector":"fclQx26bUZO07waFEDe6Fn","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1004/133448", "correlationVector":"0757l0tkKt37vNrdCKAm8w","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1004/133449", "correlationVector":"uTRRkmbbqkgK/wPBCS4fct","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1004/133449", "correlationVector":"2DrXipL1ngF91RN7IemK0e","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1004/134324", "correlationVector":"d0GyjEgnW85fvDIojHVIXI","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1004/134324", "correlationVector":"PvfzGWRutB/kmuXUK+c8XA","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1004/134324", "correlationVector":"29CB75FBC4C942E0817A1F7A0E2CF647

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\d7461bb9-1c9e-4628-ac21-2fbb6a131255.tmp

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:very short file (no magic)
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):1
                                                                                                                                                                                                                                                                                                          Entropy (8bit):0.0
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:L:L
                                                                                                                                                                                                                                                                                                          MD5:5058F1AF8388633F609CADB75A75DC9D
                                                                                                                                                                                                                                                                                                          SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                                                                                                                                                                                                                                                                          SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                                                                                                                                                                                                                                                                          SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:.

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_1319231405\28931b2f-217e-4b62-a74d-53d5356dfce4.tmp

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:Google Chrome extension, version 3
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):11185
                                                                                                                                                                                                                                                                                                          Entropy (8bit):7.951995436832936
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:192:YEKh1jNlwQbamjq6Bcykrs3kAVg55GzVQM5F+XwsxNv7/lsoltBq0WG4ZeJTmrRb:fKT/BAzA05Gn5F+XV7NNltrWG4kJTm1b
                                                                                                                                                                                                                                                                                                          MD5:78E47DDA17341BED7BE45DCCFD89AC87
                                                                                                                                                                                                                                                                                                          SHA1:1AFDE30E46997452D11E4A2ADBBF35CCE7A1404F
                                                                                                                                                                                                                                                                                                          SHA-256:67D161098BE68CD24FEBC0C7B48F515F199DDA72F20AE3BBB97FCF2542BB0550
                                                                                                                                                                                                                                                                                                          SHA-512:9574A66D3756540479DC955C4057144283E09CAE11CE11EBCE801053BB48E536E67DC823B91895A9E3EE8D3CB27C065D5E9030C39A26CBF3F201348385B418A5
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:Cr24..............0.."0...*.H.............0.........N.......E#......9e.u.q...VYY..@.+.C..k.O..bK.`..6.G..%.....3Z...e _.6....F..1p..K.Z......./ .3...OT..`..0...Y...FT..43.th.y...}....p.L...2S.&i.`..o...f.oH.....N..:..ijT.3.F{.0.,.f?'f.CQt;b_"Pc.. ..~S.I.c.8Z.;.....{G.a......k...>.`.o..%.$>;.....g.............jg?.R..@.:..........&..{...x@.Py..;kT....%F".S..w...N....9...A..@X.t!i.@..1;......1E..X.....[.~$....J......;=T.;)k..Y...$......S......M.P..P..>..=..u.....2p...w.9..1qw.a\A..Vj .C.....A..Cf1.r6.A...L. _m...[..l.Wr_../.. .B..9!.!+..ZG.K.......0.."0...*.H.............0.........^SUd%Q.L].......Cl2o...\[.....'*...;R=....N.C5....d. .....J.C>u.kr..Y..syJC.XS.q..E.n?....(G.5..)2.G..!.M.SS.{..U....!.EE..M[.#qs.A.1...g)nQ.c..G....Bd..7... .O.BI..KXQ..4.d.K.0......g.....-p....Z.E{...M&.~n.TE7..{0....5.#.C+3.y)pd9.e.........@..3.9..B.....I....2nX........2.?.~..S....]G.N.....Lr.O.Ve....9..D1.G..W)...P.?=.#..7.R.lz..a.wX.e..h.h.~....v..RP.@X....d.G

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_1319231405\CRX_INSTALL\_metadata\verified_contents.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):1753
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.8889033066924155
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:48:Pxpr7Xka2NXDpfsBJODI19Kg1JqcJW9O//JE3ZBDcpu/x:L3XgNSz9/4kIO3u3Xgpq
                                                                                                                                                                                                                                                                                                          MD5:738E757B92939B24CDBBD0EFC2601315
                                                                                                                                                                                                                                                                                                          SHA1:77058CBAFA625AAFBEA867052136C11AD3332143
                                                                                                                                                                                                                                                                                                          SHA-256:D23B2BA94BA22BBB681E6362AE5870ACD8A3280FA9E7241B86A9E12982968947
                                                                                                                                                                                                                                                                                                          SHA-512:DCA3E12DD5A9F1802DB6D11B009FCE2B787E79B9F730094367C9F26D1D87AF1EA072FF5B10888648FB1231DD83475CF45594BB0C9915B655EE363A3127A5FFC2
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:[.. {.. "description": "treehash per file",.. "signed_content": {.. "payload": "eyJpdGVtX2lkIjoiam1qZmxnanBjcGVwZWFmbW1nZHBma29na2doY3BpaGEiLCJpdGVtX3ZlcnNpb24iOiIxLjIuMSIsInByb3RvY29sX3ZlcnNpb24iOjEsImNvbnRlbnRfaGFzaGVzIjpbeyJmb3JtYXQiOiJ0cmVlaGFzaCIsImRpZ2VzdCI6InNoYTI1NiIsImJsb2NrX3NpemUiOjQwOTYsImhhc2hfYmxvY2tfc2l6ZSI6NDA5NiwiZmlsZXMiOlt7InBhdGgiOiJjb250ZW50LmpzIiwicm9vdF9oYXNoIjoiQS13R1JtV0VpM1lybmxQNktneUdrVWJ5Q0FoTG9JZnRRZGtHUnBEcnp1QSJ9LHsicGF0aCI6ImNvbnRlbnRfbmV3LmpzIiwicm9vdF9oYXNoIjoiVU00WVRBMHc5NFlqSHVzVVJaVTFlU2FBSjFXVENKcHhHQUtXMGxhcDIzUSJ9LHsicGF0aCI6Im1hbmlmZXN0Lmpzb24iLCJyb290X2hhc2giOiJKNXYwVTkwRmN0ejBveWJMZmZuNm5TbHFLU0h2bHF2YkdWYW9FeWFOZU1zIn1dfV19",.. "signatures": [.. {.. "header": {.. "kid": "publisher".. },.. "protected": "eyJhbGciOiJSUzI1NiJ9",.. "signature": "UglEEilkOml5P1W0X6wc-_dB87PQB73uMir11923av57zPKujb4IUe_lbGpn7cRZsy6x-8i9eEKxAW7L2TSmYqrcp4XtiON6ppcf27FWACXOUJDax9wlMr-EOtyZhykCnB9vR

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_1319231405\CRX_INSTALL\content.js

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:Unicode text, UTF-8 text, with very long lines (8031), with no line terminators
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):9815
                                                                                                                                                                                                                                                                                                          Entropy (8bit):6.1716321262973315
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:192:+ThBV4L3npstQp6VRtROQGZ0UyVg4jq4HWeGBnUi65Ep4HdlyKyjFN3zEScQZBMX:+ThBVq3npozftROQIyVfjRZGB365Ey97
                                                                                                                                                                                                                                                                                                          MD5:3D20584F7F6C8EAC79E17CCA4207FB79
                                                                                                                                                                                                                                                                                                          SHA1:3C16DCC27AE52431C8CDD92FBAAB0341524D3092
                                                                                                                                                                                                                                                                                                          SHA-256:0D40A5153CB66B5BDE64906CA3AE750494098F68AD0B4D091256939EEA243643
                                                                                                                                                                                                                                                                                                          SHA-512:315D1B4CC2E70C72D7EB7D51E0F304F6E64AC13AE301FD2E46D585243A6C936B2AD35A0964745D291AE9B317C316A29760B9B9782C88CC6A68599DB531F87D59
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:(()=>{"use strict";var e={1:(e,o)=>{Object.defineProperty(o,"__esModule",{value:!0}),o.newCwsPromotionalButtonCta=o.chromeToEdgeCwsButtonCtaMapping=void 0,o.chromeToEdgeCwsButtonCtaMapping={"...... ... Chrome":"...... ....","........ .. Chrome":".....",........:"..........",".......... .. Chrome":"..........","Chrome . .....":"...","Chrome .... ....":"....","Afegeix a Chrome":"Obt.n","Suprimeix de Chrome":"Suprimeix","P.idat do Chromu":"Z.skat","Odstranit z Chromu":"Odebrat","F.j til Chrome":"F.","Fjern fra Chrome":"Fjerne",Hinzuf.gen:"Abrufen","Aus Chrome entfernen":"Entfernen","Add to Chrome":"Get","Remove from Chrome":"Remove","A.adir a Chrome":"Obtener",Desinstalar:"Quitar","Agregar a Chrome":"Obtener","Eliminar de Chrome":"Quitar","Lisa Chrome'i":"Hangi","Chrome'ist eemaldamine":"Eemalda",.......H:"........","......... ... .. Chr

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_1319231405\CRX_INSTALL\content_new.js

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:Unicode text, UTF-8 text, with very long lines (8604), with no line terminators
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):10388
                                                                                                                                                                                                                                                                                                          Entropy (8bit):6.174387413738973
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:192:+ThBV4L3npstQp6VRtROQGZ0UyVg4jq4HWeGBnUi65Ep4HdlyKyjFN3EbmE1F4fn:+ThBVq3npozftROQIyVfjRZGB365Ey9+
                                                                                                                                                                                                                                                                                                          MD5:3DE1E7D989C232FC1B58F4E32DE15D64
                                                                                                                                                                                                                                                                                                          SHA1:42B152EA7E7F31A964914F344543B8BF14B5F558
                                                                                                                                                                                                                                                                                                          SHA-256:D4AA4602A1590A4B8A1BCE8B8D670264C9FB532ADC97A72BC10C43343650385A
                                                                                                                                                                                                                                                                                                          SHA-512:177E5BDF3A1149B0229B6297BAF7B122602F7BD753F96AA41CCF2D15B2BCF6AF368A39BB20336CCCE121645EC097F6BEDB94666C74ACB6174EB728FBFC43BC2A
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:(()=>{"use strict";var e={1:(e,o)=>{Object.defineProperty(o,"__esModule",{value:!0}),o.newCwsPromotionalButtonCta=o.chromeToEdgeCwsButtonCtaMapping=void 0,o.chromeToEdgeCwsButtonCtaMapping={"...... ... Chrome":"...... ....","........ .. Chrome":".....",........:"..........",".......... .. Chrome":"..........","Chrome . .....":"...","Chrome .... ....":"....","Afegeix a Chrome":"Obt.n","Suprimeix de Chrome":"Suprimeix","P.idat do Chromu":"Z.skat","Odstranit z Chromu":"Odebrat","F.j til Chrome":"F.","Fjern fra Chrome":"Fjerne",Hinzuf.gen:"Abrufen","Aus Chrome entfernen":"Entfernen","Add to Chrome":"Get","Remove from Chrome":"Remove","A.adir a Chrome":"Obtener",Desinstalar:"Quitar","Agregar a Chrome":"Obtener","Eliminar de Chrome":"Quitar","Lisa Chrome'i":"Hangi","Chrome'ist eemaldamine":"Eemalda",.......H:"........","......... ... .. Chr

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_1319231405\CRX_INSTALL\manifest.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):962
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.698567446030411
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:24:1Hg9+D3DRnbuF2+sUrzUu+Y9VwE+Fg41T1O:NBqY+6E+F7JO
                                                                                                                                                                                                                                                                                                          MD5:E805E9E69FD6ECDCA65136957B1FB3BE
                                                                                                                                                                                                                                                                                                          SHA1:2356F60884130C86A45D4B232A26062C7830E622
                                                                                                                                                                                                                                                                                                          SHA-256:5694C91F7D165C6F25DAF0825C18B373B0A81EA122C89DA60438CD487455FD6A
                                                                                                                                                                                                                                                                                                          SHA-512:049662EF470D2B9E030A06006894041AE6F787449E4AB1FBF4959ADCB88C6BB87A957490212697815BB3627763C01B7B243CF4E3C4620173A95795884D998A75
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{.. "content_scripts": [ {.. "js": [ "content.js" ],.. "matches": [ "https://chrome.google.com/webstore/*" ].. }, {.. "js": [ "content_new.js" ],.. "matches": [ "https://chromewebstore.google.com/*" ].. } ],.. "description": "Edge relevant text changes on select websites to improve user experience and precisely surfaces the action they want to take.",.. "key": "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu06p2Mjoy6yJDUUjCe8Hnqvtmjll73XqcbylxFZZWe+MCEAEK+1D0Nxrp0+IuWJL02CU3jbuR5KrJYoezA36M1oSGY5lIF/9NhXWEx5GrosxcBjxqEsdWv/eDoOOEbIvIO0ziMv7T1SUnmAA07wwq8DXWYuwlkZU/PA0Mxx0aNZ5+QyMfYqRmMpwxkwPG8gyU7kmacxgCY1v7PmmZo1vSIEOBYrxl064w5Q6s/dpalSJM9qeRnvRMLsszGY/J2bjQ1F0O2JfIlBjCOUg/89+U8ZJ1mObOFrKO4um8QnenXtH0WGmsvb5qBNrvbWNPuFgr2+w5JYlpSQ+O8zUCb8QZwIDAQAB",.. "manifest_version": 3,.. "name": "Edge relevant text changes",.. "update_url": "https://edge.microsoft.com/extensionwebstorebase/v1/crx",.. "version": "1.2.1"..}..

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\128.png

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):4982
                                                                                                                                                                                                                                                                                                          Entropy (8bit):7.929761711048726
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:96:L7Rf7U1ylWb3KfyEfOXE+PIcvBirQFiAql1ZwKREkXCSAk:pTvWqfD+gl0sAql1u7kySAk
                                                                                                                                                                                                                                                                                                          MD5:913064ADAAA4C4FA2A9D011B66B33183
                                                                                                                                                                                                                                                                                                          SHA1:99EA751AC2597A080706C690612AEEEE43161FC1
                                                                                                                                                                                                                                                                                                          SHA-256:AFB4CE8882EF7AE80976EBA7D87F6E07FCDDC8E9E84747E8D747D1E996DEA8EB
                                                                                                                                                                                                                                                                                                          SHA-512:162BF69B1AD5122C6154C111816E4B87A8222E6994A72743ED5382D571D293E1467A2ED2FC6CC27789B644943CF617A56DA530B6A6142680C5B2497579A632B5
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:.PNG........IHDR..............>a....=IDATx..]}...U..;...O.Q..QH.I(....v..E....GUb*..R[.4@%..hK..B..(.B..". ....&)U#.%...jZ...JC.8.....{.cfvgf.3;.....}ow.....{...P.B...*T.P.B...*Tx...=.Q..wv.w.....|.e.1.$.P.?..l_\.n.}...~.g.....Q...A.f....m.....{,...C2 %..X.......FE.1.N..f...Q..D.K87.....:g..Q.{............3@$.8.....{.....q....G.. .....5..y......)XK..F...D.......... ."8...J#.eM.i....H.E.....a.RIP.`......)..T.....! .[p`X.`..L.a....e. .T..2.....H..p$..02...j....\..........s{...Ymm~.a........f.$./.[.{..C.2:.0..6..]....`....NW.....0..o.T..$;k.2......_...k..{,.+........{..6...L..... .dw...l$..}...K...EV....0......P...e....k....+Go....qw.9.1...X2\..qfw0v.....N...{...l.."....f.A..I..+#.v....'..~E.N-k.........{...l.$..ga..1...$......x$X=}.N..S..B$p..`..`.ZG:c..RA.(.0......Gg.A.I..>...3u.u........_..KO.m.........C...,..c.......0...@_..m...-..7.......4LZ......j@.......\..'....u. QJ.:G..I`.w'B0..w.H..'b.0- ......|..}./.....e..,.K.1........W.u.v. ...\.o

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\af\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):908
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.512512697156616
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:12:1HASvgMTCBxNB+kCIww3v+BBJ/wjsV8lCBxeBeRiGTCSU8biHULaBg/4srCBhUJJ:1HAkkJ+kCIwEg/wwbw0PXa22QLWmSDg
                                                                                                                                                                                                                                                                                                          MD5:12403EBCCE3AE8287A9E823C0256D205
                                                                                                                                                                                                                                                                                                          SHA1:C82D43C501FAE24BFE05DB8B8F95ED1C9AC54037
                                                                                                                                                                                                                                                                                                          SHA-256:B40BDE5B612CFFF936370B32FB0C58CC205FC89937729504C6C0B527B60E2CBA
                                                                                                                                                                                                                                                                                                          SHA-512:153401ECDB13086D2F65F9B9F20ACB3CEFE5E2AEFF1C31BA021BE35BF08AB0634812C33D1D34DA270E5693A8048FC5E2085E30974F6A703F75EA1622A0CA0FFD
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "SKEP NUWE".. },.. "explanationofflinedisabled": {.. "message": "Jy is vanlyn. As jy Google Dokumente sonder 'n internetverbinding wil gebruik, moet jy die volgende keer as jy aan die internet gekoppel is na instellings op die Google Dokumente-tuisblad gaan en vanlynsinkronisering aanskakel.".. },.. "explanationofflineenabled": {.. "message": "Jy is vanlyn, maar jy kan nog steeds beskikbare l.ers redigeer of nuwes skep.".. },.. "extdesc": {.. "message": "Skep, wysig en bekyk jou dokumente, sigblaaie en aanbiedings . alles sonder toegang tot die internet.".. },.. "extname": {.. "message": "Google Vanlyn Dokumente".. },.. "learnmore": {.. "message": "Kom meer te wete".. },.. "popuphelptext": {.. "message": "Skryf, redigeer en werk saam, waar jy ook al is, met of sonder 'n internetverbinding.".. }..}..

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\am\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):1285
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.702209356847184
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:24:1HAn6bfEpxtmqMI91ivWjm/6GcCIoToCZzlgkX/Mj:W6bMt3MITFjm/Pcd4oCZhg6k
                                                                                                                                                                                                                                                                                                          MD5:9721EBCE89EC51EB2BAEB4159E2E4D8C
                                                                                                                                                                                                                                                                                                          SHA1:58979859B28513608626B563138097DC19236F1F
                                                                                                                                                                                                                                                                                                          SHA-256:3D0361A85ADFCD35D0DE74135723A75B646965E775188F7DCDD35E3E42DB788E
                                                                                                                                                                                                                                                                                                          SHA-512:FA3689E8663565D3C1C923C81A620B006EA69C99FB1EB15D07F8F45192ED9175A6A92315FA424159C1163382A3707B25B5FC23E590300C62CBE2DACE79D84871
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "... ...".. },.. "explanationofflinedisabled": {.. "message": "..... .. .... Google ..... ........ ..... ..... .Google .... ... .. .. .. ..... .... ....... .. ....... ... .. .. ..... .. ..... ....".. },.. "explanationofflineenabled": {.. "message": "..... .. .... ... .. .... .... ..... .... ... ..... .... .....".. },.. "extdesc": {.. "message": "...... ..... .... ... .. ..... ...... ..... .... .. ..... . .... .. ...... .....".. },.. "extname": {.. "message": "..... .. Goog

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\ar\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):1244
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.5533961615623735
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:12:1HASvgPCBxNhieFTr9ogjIxurIyJCCBxeh6wAZKn7uCSUhStuysUm+WCBhSueW1Y:1HAgJzoaC6VEn7Css8yoXzzd
                                                                                                                                                                                                                                                                                                          MD5:3EC93EA8F8422FDA079F8E5B3F386A73
                                                                                                                                                                                                                                                                                                          SHA1:24640131CCFB21D9BC3373C0661DA02D50350C15
                                                                                                                                                                                                                                                                                                          SHA-256:ABD0919121956AB535E6A235DE67764F46CFC944071FCF2302148F5FB0E8C65A
                                                                                                                                                                                                                                                                                                          SHA-512:F40E879F85BC9B8120A9B7357ED44C22C075BF065F45BEA42BD5316AF929CBD035D5D6C35734E454AEF5B79D378E51A77A71FA23F9EBD0B3754159718FCEB95C
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "..... ....".. },.. "explanationofflinedisabled": {.. "message": "... ... ...... ........ ....... Google ... ..... .......... ..... ... ......... .. ...... ........ ........ Google ..... ........ ... ..... .. ..... ....... .... .... .... ..........".. },.. "explanationofflineenabled": {.. "message": "... ... ...... .... .. .... ....... ..... ....... ....... .. ..... ..... ......".. },.. "extdesc": {.. "message": "..... ......... ...... ........ ....... ......... ........ ....... .. ... ... ..... .........".. },.. "extname": {.. "message": "....... Google ... ......".. },.. "learnmore": {.. "messa

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\az\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):977
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.867640976960053
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:24:1HAWNjbwlmyuAoW32Md+80cVLdUSERHtRo3SjX:J3wlzs42m+8TV+S4H0CjX
                                                                                                                                                                                                                                                                                                          MD5:9A798FD298008074E59ECC253E2F2933
                                                                                                                                                                                                                                                                                                          SHA1:1E93DA985E880F3D3350FC94F5CCC498EFC8C813
                                                                                                                                                                                                                                                                                                          SHA-256:628145F4281FA825D75F1E332998904466ABD050E8B0DC8BB9B6A20488D78A66
                                                                                                                                                                                                                                                                                                          SHA-512:9094480379F5AB711B3C32C55FD162290CB0031644EA09A145E2EF315DA12F2E55369D824AF218C3A7C37DD9A276AEEC127D8B3627D3AB45A14B0191ED2BBE70
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "YEN.S.N. YARADIN".. },.. "explanationofflinedisabled": {.. "message": "Oflayns.n.z. Google S.n.di internet ba.lant.s. olmadan istifad. etm.k ist.yirsinizs., Google S.n.din .sas s.hif.sind. ayarlara gedin v. n.vb.ti d.f. internet. qo.ulanda oflayn sinxronizasiyan. aktiv edin.".. },.. "explanationofflineenabled": {.. "message": "Oflayns.n.z, amma m.vcud fayllar. redakt. ed. v. yenil.rini yarada bil.rsiniz.".. },.. "extdesc": {.. "message": "S.n.d, c.dv.l v. t.qdimatlar.n ham.s.n. internet olmadan redakt. edin, yarad.n v. bax.n.".. },.. "extname": {.. "message": "Google S.n.d Oflayn".. },.. "learnmore": {.. "message": ".trafl. M.lumat".. },.. "popuphelptext": {.. "message": "Harda olma..n.zdan v. internet. qo.ulu olub-olmad...n.zdan as.l. olmayaraq, yaz.n, redakt. edin v. .m.kda.l.q edin.".. }..}..

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\be\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):3107
                                                                                                                                                                                                                                                                                                          Entropy (8bit):3.535189746470889
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:48:YOWdTQ0QRk+QyJQAy6Qg4QWSe+QECTQLHQlQIfyQ0fnWQjQDrTQik+QvkZTQ+89b:GdTbyRvwgbCTEHQhyVues9oOT3rOCkV
                                                                                                                                                                                                                                                                                                          MD5:68884DFDA320B85F9FC5244C2DD00568
                                                                                                                                                                                                                                                                                                          SHA1:FD9C01E03320560CBBB91DC3D1917C96D792A549
                                                                                                                                                                                                                                                                                                          SHA-256:DDF16859A15F3EB3334D6241975CA3988AC3EAFC3D96452AC3A4AFD3644C8550
                                                                                                                                                                                                                                                                                                          SHA-512:7FF0FBD555B1F9A9A4E36B745CBFCAD47B33024664F0D99E8C080BE541420D1955D35D04B5E973C07725573E592CD0DD84FDBB867C63482BAFF6929ADA27CCDE
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{"createnew":{"message":"\u0421\u0422\u0412\u0410\u0420\u042b\u0426\u042c \u041d\u041e\u0412\u042b"},"explanationofflinedisabled":{"message":"\u0412\u044b \u045e \u043f\u0430\u0437\u0430\u0441\u0435\u0442\u043a\u0430\u0432\u044b\u043c \u0440\u044d\u0436\u044b\u043c\u0435. \u041a\u0430\u0431 \u043a\u0430\u0440\u044b\u0441\u0442\u0430\u0446\u0446\u0430 \u0414\u0430\u043a\u0443\u043c\u0435\u043d\u0442\u0430\u043c\u0456 Google \u0431\u0435\u0437 \u043f\u0430\u0434\u043a\u043b\u044e\u0447\u044d\u043d\u043d\u044f \u0434\u0430 \u0456\u043d\u0442\u044d\u0440\u043d\u044d\u0442\u0443, \u043f\u0435\u0440\u0430\u0439\u0434\u0437\u0456\u0446\u0435 \u0434\u0430 \u043d\u0430\u043b\u0430\u0434 \u043d\u0430 \u0433\u0430\u043b\u043e\u045e\u043d\u0430\u0439 \u0441\u0442\u0430\u0440\u043e\u043d\u0446\u044b \u0414\u0430\u043a\u0443\u043c\u0435\u043d\u0442\u0430\u045e Google \u0456 \u045e\u043a\u043b\u044e\u0447\u044b\u0446\u0435 \u0441\u0456\u043d\u0445\u0440\u0430\u043d\u0456\u0437\u0430\u0446\u044b\u044e

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\bg\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):1389
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.561317517930672
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:24:1HAp1DQqUfZ+Yann08VOeadclUZbyMzZzsYvwUNn7nOyRK8/nn08V7:g1UTfZ+Ya08Uey3tflCRE08h
                                                                                                                                                                                                                                                                                                          MD5:2E6423F38E148AC5A5A041B1D5989CC0
                                                                                                                                                                                                                                                                                                          SHA1:88966FFE39510C06CD9F710DFAC8545672FFDCEB
                                                                                                                                                                                                                                                                                                          SHA-256:AC4A8B5B7C0B0DD1C07910F30DCFBDF1BCB701CFCFD182B6153FD3911D566C0E
                                                                                                                                                                                                                                                                                                          SHA-512:891FCDC6F07337970518322C69C6026896DD3588F41F1E6C8A1D91204412CAE01808F87F9F2DEA1754458D70F51C3CEF5F12A9E3FC011165A42B0844C75EC683
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": ".........".. },.. "explanationofflinedisabled": {.. "message": "...... .... .. .. .......... Google ......... ... ........ ......, ........ ........... . ......... ........ .. Google ......... . ........ ...... .............. ......... ..., ...... ..... ...... . .........".. },.. "explanationofflineenabled": {.. "message": "...... ..., .. ... ...... .. ........... ......... ....... ... .. ......... .....".. },.. "extdesc": {.. "message": "............, .......... . ............ ...... ........., .......... ....... . ........... . ...... .... ... ...... .. .........".. },..

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\bn\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):1763
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.25392954144533
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:24:1HABGtNOtIyHmVd+q+3X2AFl2DhrR7FAWS9+SMzI8QVAEq8yB0XtfOyvU7D:oshmm/+H2Ml2DrFPS9+S99EzBd7D
                                                                                                                                                                                                                                                                                                          MD5:651375C6AF22E2BCD228347A45E3C2C9
                                                                                                                                                                                                                                                                                                          SHA1:109AC3A912326171D77869854D7300385F6E628C
                                                                                                                                                                                                                                                                                                          SHA-256:1DBF38E425C5C7FC39E8077A837DF0443692463BA1FBE94E288AB5A93242C46E
                                                                                                                                                                                                                                                                                                          SHA-512:958AA7CF645FAB991F2ECA0937BA734861B373FB1C8BCC001599BE57C65E0917F7833A971D93A7A6423C5F54A4839D3A4D5F100C26EFA0D2A068516953989F9D
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": ".... .... ....".. },.. "explanationofflinedisabled": {.. "message": ".... ....... ....... .... ......... ..... ..... Google ........ ....... ...., Google .......... ........ ....... ... ... .... ... .... ... ........... .... ....... .... ... ...... ..... .... .....".. },.. "explanationofflineenabled": {.. "message": ".... ....... ......, ...... .... .... ...... .......... ........ .... .. .... .... .... .... .......".. },.. "extdesc":

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\ca\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):930
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.569672473374877
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:12:1HASvggoSCBxNFT0sXuqgEHQ2fTq9blUJYUJaw9CBxejZFPLOjCSUuE44pMiiDat:1HAtqs+BEHGpURxSp1iUPWCAXtRKe
                                                                                                                                                                                                                                                                                                          MD5:D177261FFE5F8AB4B3796D26835F8331
                                                                                                                                                                                                                                                                                                          SHA1:4BE708E2FFE0F018AC183003B74353AD646C1657
                                                                                                                                                                                                                                                                                                          SHA-256:D6E65238187A430FF29D4C10CF1C46B3F0FA4B91A5900A17C5DFD16E67FFC9BD
                                                                                                                                                                                                                                                                                                          SHA-512:E7D730304AED78C0F4A78DADBF835A22B3D8114FB41D67B2B26F4FE938B572763D3E127B7C1C81EBE7D538DA976A7A1E7ADC40F918F88AFADEA2201AE8AB47D0
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "CREA'N UN DE NOU".. },.. "explanationofflinedisabled": {.. "message": "No tens connexi.. Per utilitzar Documents de Google sense connexi. a Internet, ves a la configuraci. de la p.gina d'inici d'aquest servei i activa l'opci. per sincronitzar-se sense connexi. la propera vegada que estiguis connectat a la xarxa.".. },.. "explanationofflineenabled": {.. "message": "Tot i que no tens connexi., pots editar o crear fitxers.".. },.. "extdesc": {.. "message": "Edita, crea i consulta documents, fulls de c.lcul i presentacions, tot sense acc.s a Internet.".. },.. "extname": {.. "message": "Documents de Google sense connexi.".. },.. "learnmore": {.. "message": "M.s informaci.".. },.. "popuphelptext": {.. "message": "Escriu text, edita fitxers i col.labora-hi siguis on siguis, amb o sense connexi. a Internet.".. }..}..

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\cs\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):913
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.947221919047
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:12:1HASvgdsbCBxNBmobXP15Dxoo60n40h6qCBxeBeGG/9jZCSUKFPDLZ2B2hCBhPLm:1HApJmoZ5e50nzQhwAd7dvYB2kDSGGKs
                                                                                                                                                                                                                                                                                                          MD5:CCB00C63E4814F7C46B06E4A142F2DE9
                                                                                                                                                                                                                                                                                                          SHA1:860936B2A500CE09498B07A457E0CCA6B69C5C23
                                                                                                                                                                                                                                                                                                          SHA-256:21AE66CE537095408D21670585AD12599B0F575FF2CB3EE34E3A48F8CC71CFAB
                                                                                                                                                                                                                                                                                                          SHA-512:35839DAC6C985A6CA11C1BFF5B8B5E59DB501FCB91298E2C41CB0816B6101BF322445B249EAEA0CEF38F76D73A4E198F2B6E25EEA8D8A94EA6007D386D4F1055
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "VYTVO.IT".. },.. "explanationofflinedisabled": {.. "message": "Jste offline. Pokud chcete Dokumenty Google pou..vat bez p.ipojen. k.internetu, a. budete p...t. online, p.ejd.te do nastaven. na domovsk. str.nce Dokument. Google a.zapn.te offline synchronizaci.".. },.. "explanationofflineenabled": {.. "message": "Jste offline, ale st.le m..ete upravovat dostupn. soubory nebo vytv..et nov..".. },.. "extdesc": {.. "message": "Upravujte, vytv..ejte a.zobrazujte sv. dokumenty, tabulky a.prezentace . v.e bez p..stupu k.internetu.".. },.. "extname": {.. "message": "Dokumenty Google offline".. },.. "learnmore": {.. "message": "Dal.. informace".. },.. "popuphelptext": {.. "message": "Pi.te, upravujte a.spolupracujte kdekoli, s.p.ipojen.m k.internetu i.bez n.j.".. }..}..

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\cy\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):806
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.815663786215102
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:12:YGo35xMxy6gLr4Dn1eBVa1xzxyn1VFQB6FDVgdAJex9QH7uy+XJEjENK32J21j:Y735+yoeeRG54uDmdXx9Q7u3r83Xj
                                                                                                                                                                                                                                                                                                          MD5:A86407C6F20818972B80B9384ACFBBED
                                                                                                                                                                                                                                                                                                          SHA1:D1531CD0701371E95D2A6BB5EDCB79B949D65E7C
                                                                                                                                                                                                                                                                                                          SHA-256:A482663292A913B02A9CDE4635C7C92270BF3C8726FD274475DC2C490019A7C9
                                                                                                                                                                                                                                                                                                          SHA-512:D9FBF675514A890E9656F83572208830C6D977E34D5744C298A012515BC7EB5A17726ADD0D9078501393BABD65387C4F4D3AC0CC0F7C60C72E09F336DCA88DE7
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{"createnew":{"message":"CREU NEWYDD"},"explanationofflinedisabled":{"message":"Rydych chi all-lein. I ddefnyddio Dogfennau Google heb gysylltiad \u00e2'r rhyngrwyd, ewch i'r gosodiadau ar dudalen hafan Dogfennau Google a throi 'offine sync' ymlaen y tro nesaf y byddwch wedi'ch cysylltu \u00e2'r rhyngrwyd."},"explanationofflineenabled":{"message":"Rydych chi all-lein, ond gallwch barhau i olygu'r ffeiliau sydd ar gael neu greu rhai newydd."},"extdesc":{"message":"Gallwch olygu, creu a gweld eich dogfennau, taenlenni a chyflwyniadau \u2013 i gyd heb fynediad i'r rhyngrwyd."},"extname":{"message":"Dogfennau Google All-lein"},"learnmore":{"message":"DYSGU MWY"},"popuphelptext":{"message":"Ysgrifennwch, golygwch a chydweithiwch lle bynnag yr ydych, gyda chysylltiad \u00e2'r rhyngrwyd neu hebddo."}}.

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\da\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):883
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.5096240460083905
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:24:1HA4EFkQdUULMnf1yo+9qgpukAXW9bGJTvDyqdr:zEFkegfw9qwAXWNs/yu
                                                                                                                                                                                                                                                                                                          MD5:B922F7FD0E8CCAC31B411FC26542C5BA
                                                                                                                                                                                                                                                                                                          SHA1:2D25E153983E311E44A3A348B7D97AF9AAD21A30
                                                                                                                                                                                                                                                                                                          SHA-256:48847D57C75AF51A44CBF8F7EF1A4496C2007E58ED56D340724FDA1604FF9195
                                                                                                                                                                                                                                                                                                          SHA-512:AD0954DEEB17AF04858DD5EC3D3B3DA12DFF7A666AF4061DEB6FD492992D95DB3BAF751AB6A59BEC7AB22117103A93496E07632C2FC724623BB3ACF2CA6093F3
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "OPRET NYT".. },.. "explanationofflinedisabled": {.. "message": "Du er offline. Hvis du vil bruge Google Docs uden en internetforbindelse, kan du g. til indstillinger p. startsiden for Google Docs og aktivere offlinesynkronisering, n.ste gang du har internetforbindelse.".. },.. "explanationofflineenabled": {.. "message": "Du er offline, men du kan stadig redigere tilg.ngelige filer eller oprette nye.".. },.. "extdesc": {.. "message": "Rediger, opret og se dine dokumenter, regneark og pr.sentationer helt uden internetadgang.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "F. flere oplysninger".. },.. "popuphelptext": {.. "message": "Skriv, rediger og samarbejd, uanset hvor du er, og uanset om du har internetforbindelse.".. }..}..

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\de\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):1031
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.621865814402898
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:24:1HA6sZnqWd77ykJzCkhRhoe1HMNaAJPwG/p98HKpy2kX/R:WZqWxykJzthRhoQma+tpyHX2O/R
                                                                                                                                                                                                                                                                                                          MD5:D116453277CC860D196887CEC6432FFE
                                                                                                                                                                                                                                                                                                          SHA1:0AE00288FDE696795CC62FD36EABC507AB6F4EA4
                                                                                                                                                                                                                                                                                                          SHA-256:36AC525FA6E28F18572D71D75293970E0E1EAD68F358C20DA4FDC643EEA2C1C5
                                                                                                                                                                                                                                                                                                          SHA-512:C788C3202A27EC220E3232AE25E3C855F3FDB8F124848F46A3D89510C564641A2DFEA86D5014CEA20D3D2D3C1405C96DBEB7CCAD910D65C55A32FDCA8A33FDD4
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "NEU ERSTELLEN".. },.. "explanationofflinedisabled": {.. "message": "Sie sind offline. Um Google Docs ohne Internetverbindung zu verwenden, gehen Sie auf der Google Docs-Startseite auf \"Einstellungen\" und schalten die Offlinesynchronisierung ein, wenn Sie das n.chste Mal mit dem Internet verbunden sind.".. },.. "explanationofflineenabled": {.. "message": "Sie sind offline, aber k.nnen weiterhin verf.gbare Dateien bearbeiten oder neue Dateien erstellen.".. },.. "extdesc": {.. "message": "Mit der Erweiterung k.nnen Sie Dokumente, Tabellen und Pr.sentationen bearbeiten, erstellen und aufrufen.. ganz ohne Internetverbindung.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Weitere Informationen".. },.. "popuphelptext": {.. "message": "Mit oder ohne Internetverbindung: Sie k.nnen von .berall Dokumente erstellen, .ndern und zusammen mit anderen

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\el\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):1613
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.618182455684241
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:24:1HAJKan4EITDZGoziRAc2Z8eEfkTJfLhGX7b0UBNoAcGpVyhxefSmuq:SKzTD0IK85JlwsGOUyaSk
                                                                                                                                                                                                                                                                                                          MD5:9ABA4337C670C6349BA38FDDC27C2106
                                                                                                                                                                                                                                                                                                          SHA1:1FC33BE9AB4AD99216629BC89FBB30E7AA42B812
                                                                                                                                                                                                                                                                                                          SHA-256:37CA6AB271D6E7C9B00B846FDB969811C9CE7864A85B5714027050795EA24F00
                                                                                                                                                                                                                                                                                                          SHA-512:8564F93AD8485C06034A89421CE74A4E719BBAC865E33A7ED0B87BAA80B7F7E54B240266F2EDB595DF4E6816144428DB8BE18A4252CBDCC1E37B9ECC9F9D7897
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": ".......... ....".. },.. "explanationofflinedisabled": {.. "message": "..... ..... ......... ... .. ............... .. ....... Google ..... ....... ... ........., ......... .... ......... .... ...... ...... ... ........ Google ... ............. ... ........... ..... ........ ... ....... .... ... .. ..... ............ ... ..........".. },.. "explanationofflineenabled": {.. "message": "..... ..... ........ .... ........ .. .............. .. ......... ...... . .. ............. ... .......".. },.. "extdesc": {.. "message": ".............., ............ ... ..... .. ......., .

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\en\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):851
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.4858053753176526
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:12:1HASvgg4eCBxNdN3Pj1NzXW6iFryCBxesJGceKCSUuvNn3AwCBhUufz1tHaXRdAv:1HA3dj/BNzXviFrpj4sNQXJezAa6
                                                                                                                                                                                                                                                                                                          MD5:07FFBE5F24CA348723FF8C6C488ABFB8
                                                                                                                                                                                                                                                                                                          SHA1:6DC2851E39B2EE38F88CF5C35A90171DBEA5B690
                                                                                                                                                                                                                                                                                                          SHA-256:6895648577286002F1DC9C3366F558484EB7020D52BBF64A296406E61D09599C
                                                                                                                                                                                                                                                                                                          SHA-512:7ED2C8DB851A84F614D5DAF1D5FE633BD70301FD7FF8A6723430F05F642CEB3B1AD0A40DE65B224661C782FFCEC69D996EBE3E5BB6B2F478181E9A07D8CD41F6
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "CREATE NEW".. },.. "explanationofflinedisabled": {.. "message": "You're offline. To use Google Docs without an internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the internet.".. },.. "explanationofflineenabled": {.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extdesc": {.. "message": "Edit, create, and view your documents, spreadsheets, and presentations . all without internet access.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Learn More".. },.. "popuphelptext": {.. "message": "Write, edit, and collaborate wherever you are, with or without an internet connection.".. }..}..

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\en_CA\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):851
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.4858053753176526
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:12:1HASvgg4eCBxNdN3Pj1NzXW6iFryCBxesJGceKCSUuvNn3AwCBhUufz1tHaXRdAv:1HA3dj/BNzXviFrpj4sNQXJezAa6
                                                                                                                                                                                                                                                                                                          MD5:07FFBE5F24CA348723FF8C6C488ABFB8
                                                                                                                                                                                                                                                                                                          SHA1:6DC2851E39B2EE38F88CF5C35A90171DBEA5B690
                                                                                                                                                                                                                                                                                                          SHA-256:6895648577286002F1DC9C3366F558484EB7020D52BBF64A296406E61D09599C
                                                                                                                                                                                                                                                                                                          SHA-512:7ED2C8DB851A84F614D5DAF1D5FE633BD70301FD7FF8A6723430F05F642CEB3B1AD0A40DE65B224661C782FFCEC69D996EBE3E5BB6B2F478181E9A07D8CD41F6
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "CREATE NEW".. },.. "explanationofflinedisabled": {.. "message": "You're offline. To use Google Docs without an internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the internet.".. },.. "explanationofflineenabled": {.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extdesc": {.. "message": "Edit, create, and view your documents, spreadsheets, and presentations . all without internet access.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Learn More".. },.. "popuphelptext": {.. "message": "Write, edit, and collaborate wherever you are, with or without an internet connection.".. }..}..

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\en_GB\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):848
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.494568170878587
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:12:1HASvgg4eCBxNdN3vRyc1NzXW6iFrSCBxesJGceKCSUuvlvOgwCBhUufz1tnaXrQ:1HA3djfR3NzXviFrJj4sJXJ+bA6RM
                                                                                                                                                                                                                                                                                                          MD5:3734D498FB377CF5E4E2508B8131C0FA
                                                                                                                                                                                                                                                                                                          SHA1:AA23E39BFE526B5E3379DE04E00EACBA89C55ADE
                                                                                                                                                                                                                                                                                                          SHA-256:AB5CDA04013DCE0195E80AF714FBF3A67675283768FFD062CF3CF16EDB49F5D4
                                                                                                                                                                                                                                                                                                          SHA-512:56D9C792954214B0DE56558983F7EB7805AC330AF00E944E734340BE41C68E5DD03EDDB17A63BC2AB99BDD9BE1F2E2DA5BE8BA7C43D938A67151082A9041C7BA
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "CREATE NEW".. },.. "explanationofflinedisabled": {.. "message": "You're offline. To use Google Docs without an Internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the Internet.".. },.. "explanationofflineenabled": {.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extdesc": {.. "message": "Edit, create and view your documents, spreadsheets and presentations . all without Internet access.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Learn more".. },.. "popuphelptext": {.. "message": "Write, edit and collaborate wherever you are, with or without an Internet connection.".. }..}..

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\en_US\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):1425
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.461560329690825
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:24:1HA6Krbbds5Kna/BNzXviFrpsCxKU4irpNQ0+qWK5yOJAaCB7MAa6:BKrbBs5Kna/BNzXvi3sCxKZirA0jWK5m
                                                                                                                                                                                                                                                                                                          MD5:578215FBB8C12CB7E6CD73FBD16EC994
                                                                                                                                                                                                                                                                                                          SHA1:9471D71FA6D82CE1863B74E24237AD4FD9477187
                                                                                                                                                                                                                                                                                                          SHA-256:102B586B197EA7D6EDFEB874B97F95B05D229EA6A92780EA8544C4FF1E6BC5B1
                                                                                                                                                                                                                                                                                                          SHA-512:E698B1A6A6ED6963182F7D25AC12C6DE06C45D14499DDC91E81BDB35474E7EC9071CFEBD869B7D129CB2CD127BC1442C75E408E21EB8E5E6906A607A3982B212
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{.. "createNew": {.. "description": "Text shown in the extension pop up for creating a new document",.. "message": "CREATE NEW".. },.. "explanationOfflineDisabled": {.. "description": "Text shown in the extension popup when the user is offline and offline is disabled.",.. "message": "You're offline. To use Google Docs without an internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the internet.".. },.. "explanationOfflineEnabled": {.. "description": "Text shown in the extension popup when the user is offline and offline is enabled.",.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extDesc": {.. "description": "Extension description",.. "message": "Edit, create, and view your documents, spreadsheets, and presentations . all without internet access.".. },.. "extName": {.. "description": "Extension name",..

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\es\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):961
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.537633413451255
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:12:1HASvggeCBxNFxcw2CVcfamedatqWCCBxeFxCF/m+rWAaFQbCSUuExqIQdO06stp:1HAqn0gcfa9dc/5mCpmIWck02USfWmk
                                                                                                                                                                                                                                                                                                          MD5:F61916A206AC0E971CDCB63B29E580E3
                                                                                                                                                                                                                                                                                                          SHA1:994B8C985DC1E161655D6E553146FB84D0030619
                                                                                                                                                                                                                                                                                                          SHA-256:2008F4FAAB71AB8C76A5D8811AD40102C380B6B929CE0BCE9C378A7CADFC05EB
                                                                                                                                                                                                                                                                                                          SHA-512:D9C63B2F99015355ACA04D74A27FD6B81170750C4B4BE7293390DC81EF4CD920EE9184B05C61DC8979B6C2783528949A4AE7180DBF460A2620DBB0D3FD7A05CF
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "CREAR".. },.. "explanationofflinedisabled": {.. "message": "No tienes conexi.n. Para usar Documentos de Google sin conexi.n a Internet, ve a Configuraci.n en la p.gina principal de Documentos de Google y activa la sincronizaci.n sin conexi.n la pr.xima vez que te conectes a Internet.".. },.. "explanationofflineenabled": {.. "message": "No tienes conexi.n. Aun as., puedes crear archivos o editar los que est.n disponibles.".. },.. "extdesc": {.. "message": "Edita, crea y consulta tus documentos, hojas de c.lculo y presentaciones; todo ello, sin acceso a Internet.".. },.. "extname": {.. "message": "Documentos de Google sin conexi.n".. },.. "learnmore": {.. "message": "M.s informaci.n".. },.. "popuphelptext": {.. "message": "Escribe o edita contenido y colabora con otras personas desde cualquier lugar, con o sin conexi.n a Internet.".. }..}..

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\es_419\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):959
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.570019855018913
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:24:1HARn05cfa9dcDmQOTtSprj0zaGUSjSGZ:+n0CfMcDmQOTQprj4qpC
                                                                                                                                                                                                                                                                                                          MD5:535331F8FB98894877811B14994FEA9D
                                                                                                                                                                                                                                                                                                          SHA1:42475E6AFB6A8AE41E2FC2B9949189EF9BBE09FB
                                                                                                                                                                                                                                                                                                          SHA-256:90A560FF82605DB7EDA26C90331650FF9E42C0B596CEDB79B23598DEC1B4988F
                                                                                                                                                                                                                                                                                                          SHA-512:2CE9C69E901AB5F766E6CFC1E592E1AF5A07AA78D154CCBB7898519A12E6B42A21C5052A86783ABE3E7A05043D4BD41B28960FEDDB30169FF7F7FE7208C8CFE9
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "CREAR NUEVO".. },.. "explanationofflinedisabled": {.. "message": "No tienes conexi.n. Para usar Documentos de Google sin conexi.n a Internet, ve a la configuraci.n de la p.gina principal de Documentos de Google y activa la sincronizaci.n sin conexi.n la pr.xima vez que est.s conectado a Internet.".. },.. "explanationofflineenabled": {.. "message": "No tienes conexi.n, pero a.n puedes modificar los archivos disponibles o crear otros nuevos.".. },.. "extdesc": {.. "message": "Edita, crea y consulta tus documentos, hojas de c.lculo y presentaciones aunque no tengas acceso a Internet".. },.. "extname": {.. "message": "Documentos de Google sin conexi.n".. },.. "learnmore": {.. "message": "M.s informaci.n".. },.. "popuphelptext": {.. "message": "Escribe, modifica y colabora dondequiera que est.s, con conexi.n a Internet o sin ella.".. }..}..

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\et\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):968
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.633956349931516
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:24:1HA5WG6t306+9sihHvMfdJLjUk4NJPNczGr:mWGY0cOUdJODPmzs
                                                                                                                                                                                                                                                                                                          MD5:64204786E7A7C1ED9C241F1C59B81007
                                                                                                                                                                                                                                                                                                          SHA1:586528E87CD670249A44FB9C54B1796E40CDB794
                                                                                                                                                                                                                                                                                                          SHA-256:CC31B877238DA6C1D51D9A6155FDE565727A1956572F466C387B7E41C4923A29
                                                                                                                                                                                                                                                                                                          SHA-512:44FCF93F3FB10A3DB68D74F9453995995AB2D16863EC89779DB451A4D90F19743B8F51095EEC3ECEF5BD0C5C60D1BF3DFB0D64DF288DCCFBE70C129AE350B2C6
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "LOO UUS".. },.. "explanationofflinedisabled": {.. "message": "Teil ei ole v.rgu.hendust. Teenuse Google.i dokumendid kasutamiseks ilma Interneti-.henduseta avage j.rgmine kord, kui olete Internetiga .hendatud, teenuse Google.i dokumendid avalehel seaded ja l.litage sisse v.rgu.henduseta s.nkroonimine.".. },.. "explanationofflineenabled": {.. "message": "Teil ei ole v.rgu.hendust, kuid saate endiselt saadaolevaid faile muuta v.i uusi luua.".. },.. "extdesc": {.. "message": "Saate luua, muuta ja vaadata oma dokumente, arvustustabeleid ning esitlusi ilma Interneti-.henduseta.".. },.. "extname": {.. "message": "V.rgu.henduseta Google.i dokumendid".. },.. "learnmore": {.. "message": "Lisateave".. },.. "popuphelptext": {.. "message": "Kirjutage, muutke ja tehke koost..d .ksk.ik kus olenemata sellest, kas teil on Interneti-.hendus.".. }..}..

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\eu\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):838
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.4975520913636595
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:24:YnmjggqTWngosqYQqE1kjO39m7OddC0vjWQMmWgqwgQ8KLcxOb:Ynmsgqyngosq9qxTOs0vjWQMbgqchb
                                                                                                                                                                                                                                                                                                          MD5:29A1DA4ACB4C9D04F080BB101E204E93
                                                                                                                                                                                                                                                                                                          SHA1:2D0E4587DDD4BAC1C90E79A88AF3BD2C140B53B1
                                                                                                                                                                                                                                                                                                          SHA-256:A41670D52423BA69C7A65E7E153E7B9994E8DD0370C584BDA0714BD61C49C578
                                                                                                                                                                                                                                                                                                          SHA-512:B7B7A5A0AA8F6724B0FA15D65F25286D9C66873F03080CBABA037BDEEA6AADC678AC4F083BC52C2DB01BEB1B41A755ED67BBDDB9C0FE4E35A004537A3F7FC458
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{"createnew":{"message":"SORTU"},"explanationofflinedisabled":{"message":"Ez zaude konektatuta Internetera. Google Dokumentuak konexiorik gabe erabiltzeko, joan Google Dokumentuak zerbitzuaren orri nagusiko ezarpenetara eta aktibatu konexiorik gabeko sinkronizazioa Internetera konektatzen zaren hurrengoan."},"explanationofflineenabled":{"message":"Ez zaude konektatuta Internetera, baina erabilgarri dauden fitxategiak edita ditzakezu, baita beste batzuk sortu ere."},"extdesc":{"message":"Editatu, sortu eta ikusi dokumentuak, kalkulu-orriak eta aurkezpenak Interneteko konexiorik gabe."},"extname":{"message":"Google Dokumentuak konexiorik gabe"},"learnmore":{"message":"Lortu informazio gehiago"},"popuphelptext":{"message":"Edonon zaudela ere, ez duzu zertan konektatuta egon idatzi, editatu eta lankidetzan jardun ahal izateko."}}.

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\fa\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):1305
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.673517697192589
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:24:1HAX9yM7oiI99Rwx4xyQakJbfAEJhmq/RlBu92P7FbNcgYVJ0:JM7ovex4xyQaKjAEyq/p7taX0
                                                                                                                                                                                                                                                                                                          MD5:097F3BA8DE41A0AAF436C783DCFE7EF3
                                                                                                                                                                                                                                                                                                          SHA1:986B8CABD794E08C7AD41F0F35C93E4824AC84DF
                                                                                                                                                                                                                                                                                                          SHA-256:7C4C09D19AC4DA30CC0F7F521825F44C4DFBC19482A127FBFB2B74B3468F48F1
                                                                                                                                                                                                                                                                                                          SHA-512:8114EA7422E3B20AE3F08A3A64A6FFE1517A7579A3243919B8F789EB52C68D6F5A591F7B4D16CEE4BD337FF4DAF4057D81695732E5F7D9E761D04F859359FADB
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "..... ... ....".. },.. "explanationofflinedisabled": {.. "message": "...... ...... .... ....... .. ....... Google .... ..... ........ .... ... .. .. ....... ... ..... .. ....... .. .... .... ....... Google ..... . .......... ...... .. .... .....".. },.. "explanationofflineenabled": {.. "message": "...... ..... ... ...... ......... ......... .. .. .. ..... ..... ...... .... .. ........ ..... ..... .....".. },.. "extdesc": {.. "message": "...... ............ . ........ .. ....... ..... . ...... .... . ... ... ..... .... ...... .. ........".. },.. "extname": {.. "message": "....... Google .

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\fi\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):911
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.6294343834070935
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:12:1HASvguCBxNMME2BESA7gPQk36xCBxeMMcXYBt+CSU1pfazCBhUunV1tLaX5GI2N:1HAVioESAsPf36O3Xst/p3J8JeEY
                                                                                                                                                                                                                                                                                                          MD5:B38CBD6C2C5BFAA6EE252D573A0B12A1
                                                                                                                                                                                                                                                                                                          SHA1:2E490D5A4942D2455C3E751F96BD9960F93C4B60
                                                                                                                                                                                                                                                                                                          SHA-256:2D752A5DBE80E34EA9A18C958B4C754F3BC10D63279484E4DF5880B8FD1894D2
                                                                                                                                                                                                                                                                                                          SHA-512:6E65207F4D8212736059CC802C6A7104E71A9CC0935E07BD13D17EC46EA26D10BC87AD923CD84D78781E4F93231A11CB9ED8D3558877B6B0D52C07CB005F1C0C
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "LUO UUSI".. },.. "explanationofflinedisabled": {.. "message": "Olet offline-tilassa. Jos haluat k.ytt.. Google Docsia ilman internetyhteytt., siirry Google Docsin etusivulle ja ota asetuksissa k.ytt..n offline-synkronointi, kun seuraavan kerran olet yhteydess. internetiin.".. },.. "explanationofflineenabled": {.. "message": "Olet offline-tilassa. Voit kuitenkin muokata k.ytett.viss. olevia tiedostoja tai luoda uusia.".. },.. "extdesc": {.. "message": "Muokkaa, luo ja katso dokumentteja, laskentataulukoita ja esityksi. ilman internetyhteytt..".. },.. "extname": {.. "message": "Google Docsin offline-tila".. },.. "learnmore": {.. "message": "Lis.tietoja".. },.. "popuphelptext": {.. "message": "Kirjoita, muokkaa ja tee yhteisty.t. paikasta riippumatta, my.s ilman internetyhteytt..".. }..}..

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\fil\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):939
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.451724169062555
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:24:1HAXbH2eZXn6sjLITdRSJpGL/gWFJ3sqixO:ubHfZqsHIT/FLL3qO
                                                                                                                                                                                                                                                                                                          MD5:FCEA43D62605860FFF41BE26BAD80169
                                                                                                                                                                                                                                                                                                          SHA1:F25C2CE893D65666CC46EA267E3D1AA080A25F5B
                                                                                                                                                                                                                                                                                                          SHA-256:F51EEB7AAF5F2103C1043D520E5A4DE0FA75E4DC375E23A2C2C4AFD4D9293A72
                                                                                                                                                                                                                                                                                                          SHA-512:F66F113A26E5BCF54B9AAFA69DAE3C02C9C59BD5B9A05F829C92AF208C06DC8CCC7A1875CBB7B7CE425899E4BA27BFE8CE2CDAF43A00A1B9F95149E855989EE0
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "GUMAWA NG BAGO".. },.. "explanationofflinedisabled": {.. "message": "Naka-offline ka. Upang magamit ang Google Docs nang walang koneksyon sa internet, pumunta sa mga setting sa homepage ng Google Docs at i-on ang offline na pag-sync sa susunod na nakakonekta ka sa internet.".. },.. "explanationofflineenabled": {.. "message": "Naka-offline ka, ngunit maaari mo pa ring i-edit ang mga available na file o gumawa ng mga bago.".. },.. "extdesc": {.. "message": "I-edit, gawin, at tingnan ang iyong mga dokumento, spreadsheet, at presentation . lahat ng ito nang walang access sa internet.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Matuto Pa".. },.. "popuphelptext": {.. "message": "Magsulat, mag-edit at makipag-collaborate nasaan ka man, nang mayroon o walang koneksyon sa internet.".. }..}..

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\fr\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):977
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.622066056638277
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:24:1HAdy42ArMdsH50Jd6Z1PCBolXAJ+GgNHp0X16M1J1:EyfArMS2Jd6Z1PCBolX2+vNmX16Y1
                                                                                                                                                                                                                                                                                                          MD5:A58C0EEBD5DC6BB5D91DAF923BD3A2AA
                                                                                                                                                                                                                                                                                                          SHA1:F169870EEED333363950D0BCD5A46D712231E2AE
                                                                                                                                                                                                                                                                                                          SHA-256:0518287950A8B010FFC8D52554EB82E5D93B6C3571823B7CECA898906C11ABCC
                                                                                                                                                                                                                                                                                                          SHA-512:B04AFD61DE490BC838354E8DC6C22BE5C7AC6E55386FFF78489031ACBE2DBF1EAA2652366F7A1E62CE87CFCCB75576DA3B2645FEA1645B0ECEB38B1FA3A409E8
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "CR.ER".. },.. "explanationofflinedisabled": {.. "message": "Vous .tes hors connexion. Pour pouvoir utiliser Google.Docs sans connexion Internet, acc.dez aux param.tres de la page d'accueil de Google.Docs et activez la synchronisation hors connexion lors de votre prochaine connexion . Internet.".. },.. "explanationofflineenabled": {.. "message": "Vous .tes hors connexion, mais vous pouvez quand m.me modifier les fichiers disponibles ou cr.er des fichiers.".. },.. "extdesc": {.. "message": "Modifiez, cr.ez et consultez des documents, feuilles de calcul et pr.sentations, sans acc.s . Internet.".. },.. "extname": {.. "message": "Google.Docs hors connexion".. },.. "learnmore": {.. "message": "En savoir plus".. },.. "popuphelptext": {.. "message": "R.digez des documents, modifiez-les et collaborez o. que vous soyez, avec ou sans connexion Internet.".. }..}..

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\fr_CA\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):972
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.621319511196614
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:24:1HAdyg2pwbv1V8Cd61PC/vT2fg3YHDyM1J1:EyHpwbpd61C/72Y3YOY1
                                                                                                                                                                                                                                                                                                          MD5:6CAC04BDCC09034981B4AB567B00C296
                                                                                                                                                                                                                                                                                                          SHA1:84F4D0E89E30ED7B7ACD7644E4867FFDB346D2A5
                                                                                                                                                                                                                                                                                                          SHA-256:4CAA46656ECC46A420AA98D3307731E84F5AC1A89111D2E808A228C436D83834
                                                                                                                                                                                                                                                                                                          SHA-512:160590B6EC3DCF48F3EA7A5BAA11A8F6FA4131059469623E00AD273606B468B3A6E56D199E97DAA0ECB6C526260EBAE008570223F2822811F441D1C900DC33D6
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "CR.ER".. },.. "explanationofflinedisabled": {.. "message": "Vous .tes hors connexion. Pour utiliser Google.Documents sans connexion Internet, acc.dez aux param.tres sur la page d'accueil Google.Documents et activez la synchronisation hors ligne la prochaine fois que vous .tes connect. . Internet.".. },.. "explanationofflineenabled": {.. "message": "Vous .tes hors connexion, mais vous pouvez toujours modifier les fichiers disponibles ou en cr.er.".. },.. "extdesc": {.. "message": "Modifiez, cr.ez et consultez vos documents, vos feuilles de calcul et vos pr.sentations, le tout sans acc.s . Internet.".. },.. "extname": {.. "message": "Google.Documents hors connexion".. },.. "learnmore": {.. "message": "En savoir plus".. },.. "popuphelptext": {.. "message": ".crivez, modifiez et collaborez o. que vous soyez, avec ou sans connexion Internet.".. }..}..

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\gl\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):990
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.497202347098541
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:12:1HASvggECBxNbWVqMjlMgaPLqXPhTth0CBxebWbMRCSUCjAKFCSIj0tR7tCBhP1l:1HACzWsMlajIhJhHKWbFKFC0tR8oNK5
                                                                                                                                                                                                                                                                                                          MD5:6BAAFEE2F718BEFBC7CD58A04CCC6C92
                                                                                                                                                                                                                                                                                                          SHA1:CE0BDDDA2FA1F0AD222B604C13FF116CBB6D02CF
                                                                                                                                                                                                                                                                                                          SHA-256:0CF098DFE5BBB46FC0132B3CF0C54B06B4D2C8390D847EE2A65D20F9B7480F4C
                                                                                                                                                                                                                                                                                                          SHA-512:3DA23E74CD6CF9C0E2A0C4DBA60301281D362FB0A2A908F39A55ABDCA4CC69AD55638C63CC3BEFD44DC032F9CBB9E2FDC1B4C4ABE292917DF8272BA25B82AF20
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "CREAR NOVO".. },.. "explanationofflinedisabled": {.. "message": "Est.s sen conexi.n. Para utilizar Documentos de Google sen conexi.n a Internet, accede .s opci.ns de configuraci.n na p.xina de inicio de Documentos de Google e activa a sincronizaci.n sen conexi.n a pr.xima vez que esteas conectado a Internet.".. },.. "explanationofflineenabled": {.. "message": "Est.s sen conexi.n. A.nda podes editar os ficheiros dispo.ibles ou crear outros novos.".. },.. "extdesc": {.. "message": "Modifica, crea e consulta os teus documentos, follas de c.lculo e presentaci.ns sen necesidade de acceder a Internet.".. },.. "extname": {.. "message": "Documentos de Google sen conexi.n".. },.. "learnmore": {.. "message": "M.is informaci.n".. },.. "popuphelptext": {.. "message": "Escribe, edita e colabora esteas onde esteas, tanto se tes conexi.n a Internet como se non a tes.".. }..}..

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\gu\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):1658
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.294833932445159
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:24:1HA3k3FzEVeXWuvLujNzAK11RiqRC2sA0O3cEiZ7dPRFFOPtZdK0A41yG3BczKT3:Q4pE4rCjNjw6/0y+5j8ZHA4PBSKr
                                                                                                                                                                                                                                                                                                          MD5:BC7E1D09028B085B74CB4E04D8A90814
                                                                                                                                                                                                                                                                                                          SHA1:E28B2919F000B41B41209E56B7BF3A4448456CFE
                                                                                                                                                                                                                                                                                                          SHA-256:FE8218DF25DB54E633927C4A1640B1A41B8E6CB3360FA386B5382F833B0B237C
                                                                                                                                                                                                                                                                                                          SHA-512:040A8267D67DB05BBAA52F1FAC3460F58D35C5B73AA76BBF17FA78ACC6D3BFB796A870DD44638F9AC3967E35217578A20D6F0B975CEEEEDBADFC9F65BE7E72C9
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": ".... .....".. },.. "explanationofflinedisabled": {.. "message": "... ...... ... ........ ....... ... Google .......... ..... .... ...., ... .... .... ...... ........ .... ...... ... ...... Google ........ ...... .. ........ .. ... ... ...... ....... .... ....".. },.. "explanationofflineenabled": {.. "message": "... ...... .., ..... ... ... .. ...... ..... ....... ... ... .. .... ... ..... ... ...".. },.. "extdesc": {.. "message": "..... ........., ..

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\hi\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):1672
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.314484457325167
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:48:46G2+ymELbLNzGVx/hXdDtxSRhqv7Qm6/7Lm:4GbxzGVzXdDtx+qzU/7C
                                                                                                                                                                                                                                                                                                          MD5:98A7FC3E2E05AFFFC1CFE4A029F47476
                                                                                                                                                                                                                                                                                                          SHA1:A17E077D6E6BA1D8A90C1F3FAF25D37B0FF5A6AD
                                                                                                                                                                                                                                                                                                          SHA-256:D2D1AFA224CDA388FF1DC8FAC24CDA228D7CE09DE5D375947D7207FA4A6C4F8D
                                                                                                                                                                                                                                                                                                          SHA-512:457E295C760ABFD29FC6BBBB7FC7D4959287BCA7FB0E3E99EB834087D17EED331DEF18138838D35C48C6DDC8A0134AFFFF1A5A24033F9B5607B355D3D48FDF88
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "... .....".. },.. "explanationofflinedisabled": {.. "message": ".. ...... .... ....... ....... .. .... Google ........ .. ..... .... .. ..., .... ... ....... .. ...... .... .. Google ........ .. ........ .. ...... ... .... .. ...... ....... .... .....".. },.. "explanationofflineenabled": {.. "message": ".. ...... ..., ..... .. .. .. ...... ...... ..... .. .... ... .. .. ...... ... .... ....".. },.. "extdesc": {.. "message": ".... .... ....... ...... ..

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\hr\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):935
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.6369398601609735
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:24:1HA7sR5k/I+UX/hrcySxG1fIZ3tp/S/d6Gpb+D:YsE/I+UX/hVSxQ03f/Sj+D
                                                                                                                                                                                                                                                                                                          MD5:25CDFF9D60C5FC4740A48EF9804BF5C7
                                                                                                                                                                                                                                                                                                          SHA1:4FADECC52FB43AEC084DF9FF86D2D465FBEBCDC0
                                                                                                                                                                                                                                                                                                          SHA-256:73E6E246CEEAB9875625CD4889FBF931F93B7B9DEAA11288AE1A0F8A6E311E76
                                                                                                                                                                                                                                                                                                          SHA-512:EF00B08496427FEB5A6B9FB3FE2E5404525BE7C329D9DD2A417480637FD91885837D134A26980DCF9F61E463E6CB68F09A24402805807E656AF16B116A75E02C
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "IZRADI NOVI".. },.. "explanationofflinedisabled": {.. "message": "Vi ste izvan mre.e. Da biste koristili Google dokumente bez internetske veze, idite na postavke na po.etnoj stranici Google dokumenata i uklju.ite izvanmre.nu sinkronizaciju sljede.i put kada se pove.ete s internetom.".. },.. "explanationofflineenabled": {.. "message": "Vi ste izvan mre.e, no i dalje mo.ete ure.ivati dostupne datoteke i izra.ivati nove.".. },.. "extdesc": {.. "message": "Uredite, izradite i pregledajte dokumente, prora.unske tablice i prezentacije . sve bez pristupa internetu.".. },.. "extname": {.. "message": "Google dokumenti izvanmre.no".. },.. "learnmore": {.. "message": "Saznajte vi.e".. },.. "popuphelptext": {.. "message": "Pi.ite, ure.ujte i sura.ujte gdje god se nalazili, povezani s internetom ili izvanmre.no.".. }..}..

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\hu\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):1065
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.816501737523951
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:24:1HA6J54gEYwFFMxv4gvyB9FzmxlsN147g/zJcYwJgrus4QY2jom:NJ54gEYwUmgKHFzmsG7izJcYOgKgYjm
                                                                                                                                                                                                                                                                                                          MD5:8930A51E3ACE3DD897C9E61A2AEA1D02
                                                                                                                                                                                                                                                                                                          SHA1:4108506500C68C054BA03310C49FA5B8EE246EA4
                                                                                                                                                                                                                                                                                                          SHA-256:958C0F664FCA20855FA84293566B2DDB7F297185619143457D6479E6AC81D240
                                                                                                                                                                                                                                                                                                          SHA-512:126B80CD3428C0BC459EEAAFCBE4B9FDE2541A57F19F3EC7346BAF449F36DC073A9CF015594A57203255941551B25F6FAA6D2C73C57C44725F563883FF902606
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": ".J L.TREHOZ.SA".. },.. "explanationofflinedisabled": {.. "message": "Jelenleg offline .llapotban van. Ha a Google Dokumentumokat internetkapcsolat n.lk.l szeretn. haszn.lni, a legk.zelebbi internethaszn.lata sor.n nyissa meg a Google Dokumentumok kezd.oldal.n tal.lhat. be.ll.t.sokat, .s tiltsa le az offline szinkroniz.l.s be.ll.t.st.".. },.. "explanationofflineenabled": {.. "message": "Offline .llapotban van, de az el.rhet. f.jlokat .gy is szerkesztheti, valamint l.trehozhat .jakat.".. },.. "extdesc": {.. "message": "Szerkesszen, hozzon l.tre .s tekintsen meg dokumentumokat, t.bl.zatokat .s prezent.ci.kat . ak.r internetkapcsolat n.lk.l is.".. },.. "extname": {.. "message": "Google Dokumentumok Offline".. },.. "learnmore": {.. "message": "Tov.bbi inform.ci.".. },.. "popuphelptext": {.. "message": ".rjon, szerkesszen .s dolgozzon egy.tt m.sokkal

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\hy\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):2771
                                                                                                                                                                                                                                                                                                          Entropy (8bit):3.7629875118570055
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:48:Y0Fx+eiYZBZ7K1ZZ/5QQxTuDLoFZaIZSK7lq0iC0mlMO6M3ih1oAgC:lF2BTz6N/
                                                                                                                                                                                                                                                                                                          MD5:55DE859AD778E0AA9D950EF505B29DA9
                                                                                                                                                                                                                                                                                                          SHA1:4479BE637A50C9EE8A2F7690AD362A6A8FFC59B2
                                                                                                                                                                                                                                                                                                          SHA-256:0B16E3F8BD904A767284345AE86A0A9927C47AFE89E05EA2B13AD80009BDF9E4
                                                                                                                                                                                                                                                                                                          SHA-512:EDAB2FCC14CABB6D116E9C2907B42CFBC34F1D9035F43E454F1F4D1F3774C100CBADF6B4C81B025810ED90FA91C22F1AEFE83056E4543D92527E4FE81C7889A8
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{"createnew":{"message":"\u054d\u054f\u0535\u0542\u053e\u0535\u053c \u0546\u0548\u0550"},"explanationofflinedisabled":{"message":"Google \u0553\u0561\u057d\u057f\u0561\u0569\u0572\u0569\u0565\u0580\u0568 \u0576\u0561\u0587 \u0561\u0576\u0581\u0561\u0576\u0581 \u057c\u0565\u056a\u056b\u0574\u0578\u0582\u0574 \u0585\u0563\u057f\u0561\u0563\u0578\u0580\u056e\u0565\u056c\u0578\u0582 \u0570\u0561\u0574\u0561\u0580 \u0574\u056b\u0561\u0581\u0565\u0584 \u0570\u0561\u0574\u0561\u0581\u0561\u0576\u0581\u056b\u0576, \u0562\u0561\u0581\u0565\u0584 \u056e\u0561\u057c\u0561\u0575\u0578\u0582\u0569\u0575\u0561\u0576 \u0563\u056c\u056d\u0561\u057e\u0578\u0580 \u0567\u057b\u0568, \u0561\u0576\u0581\u0565\u0584 \u056f\u0561\u0580\u0563\u0561\u057e\u0578\u0580\u0578\u0582\u0574\u0576\u0565\u0580 \u0587 \u0574\u056b\u0561\u0581\u0580\u0565\u0584 \u0561\u0576\u0581\u0561\u0576\u0581 \u0570\u0561\u0574\u0561\u056a\u0561\u0574\u0561\u0581\u0578\u0582\u0574\u0568:"},"explanationofflineenabled":{"message":"\u

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\id\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):858
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.474411340525479
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:12:1HASvgJX4CBxNpXemNOAJRFqjRpCBxedIdjTi92OvbCSUuoi01uRwCBhUuvz1thK:1HARXzhXemNOQWGcEoeH1eXJNvT2
                                                                                                                                                                                                                                                                                                          MD5:34D6EE258AF9429465AE6A078C2FB1F5
                                                                                                                                                                                                                                                                                                          SHA1:612CAE151984449A4346A66C0A0DF4235D64D932
                                                                                                                                                                                                                                                                                                          SHA-256:E3C86DDD2EFEBE88EED8484765A9868202546149753E03A61EB7C28FD62CFCA1
                                                                                                                                                                                                                                                                                                          SHA-512:20427807B64A0F79A6349F8A923152D9647DA95C05DE19AD3A4BF7DB817E25227F3B99307C8745DD323A6591B515221BD2F1E92B6F1A1783BDFA7142E84601B1
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "BUAT BARU".. },.. "explanationofflinedisabled": {.. "message": "Anda sedang offline. Untuk menggunakan Google Dokumen tanpa koneksi internet, buka setelan di beranda Google Dokumen dan aktifkan sinkronisasi offline saat terhubung ke internet.".. },.. "explanationofflineenabled": {.. "message": "Anda sedang offline, namun Anda masih dapat mengedit file yang tersedia atau membuat file baru.".. },.. "extdesc": {.. "message": "Edit, buat, dan lihat dokumen, spreadsheet, dan presentasi . tanpa perlu akses internet.".. },.. "extname": {.. "message": "Google Dokumen Offline".. },.. "learnmore": {.. "message": "Pelajari Lebih Lanjut".. },.. "popuphelptext": {.. "message": "Tulis, edit, dan gabungkan di mana saja, dengan atau tanpa koneksi internet.".. }..}..

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\is\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):954
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.6457079159286545
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:12:YGXU2rOcxGe+J97M9TP2DBX9tMfxqbTMvOfWWgdraqlifVpm0Ekf95Mw89KkJ+je:YwBrD2g2DBLMfFuWvdpY94viDO+uh
                                                                                                                                                                                                                                                                                                          MD5:CAEB37F451B5B5E9F5EB2E7E7F46E2D7
                                                                                                                                                                                                                                                                                                          SHA1:F917F9EAE268A385A10DB3E19E3CC3ACED56D02E
                                                                                                                                                                                                                                                                                                          SHA-256:943E61988C859BB088F548889F0449885525DD660626A89BA67B2C94CFBFBB1B
                                                                                                                                                                                                                                                                                                          SHA-512:A55DEC2404E1D7FA5A05475284CBECC2A6208730F09A227D75FDD4AC82CE50F3751C89DC687C14B91950F9AA85503BD6BF705113F2F1D478E728DF64D476A9EE
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{"createnew":{"message":"B\u00daA TIL N\u00ddTT"},"explanationofflinedisabled":{"message":"\u00de\u00fa ert \u00e1n nettengingar. Til a\u00f0 nota Google-skj\u00f6l \u00e1n nettengingar skaltu opna stillingarnar \u00e1 heimas\u00ed\u00f0u Google skjala og virkja samstillingu \u00e1n nettengingar n\u00e6st \u00feegar \u00fe\u00fa tengist netinu."},"explanationofflineenabled":{"message":"Engin nettenging. \u00de\u00fa getur samt sem \u00e1\u00f0ur breytt tilt\u00e6kum skr\u00e1m e\u00f0a b\u00fai\u00f0 til n\u00fdjar."},"extdesc":{"message":"Breyttu, b\u00fa\u00f0u til og sko\u00f0a\u00f0u skj\u00f6lin \u00fe\u00edn, t\u00f6flureikna og kynningar \u2014 allt \u00e1n nettengingar."},"extname":{"message":"Google-skj\u00f6l \u00e1n nettengingar"},"learnmore":{"message":"Frekari uppl\u00fdsingar"},"popuphelptext":{"message":"Skrifa\u00f0u, breyttu og starfa\u00f0u me\u00f0 \u00f6\u00f0rum hvort sem nettenging er til sta\u00f0ar e\u00f0a ekki."}}.

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\it\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):899
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.474743599345443
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:12:1HASvggrCBxNp8WJOJJrJ3WytVCBxep3bjP5CSUCjV8AgJJm2CBhr+z1tWgjqEOW:1HANXJOTBFtKa8Agju4NB3j
                                                                                                                                                                                                                                                                                                          MD5:0D82B734EF045D5FE7AA680B6A12E711
                                                                                                                                                                                                                                                                                                          SHA1:BD04F181E4EE09F02CD53161DCABCEF902423092
                                                                                                                                                                                                                                                                                                          SHA-256:F41862665B13C0B4C4F562EF1743684CCE29D4BCF7FE3EA494208DF253E33885
                                                                                                                                                                                                                                                                                                          SHA-512:01F305A280112482884485085494E871C66D40C0B03DE710B4E5F49C6A478D541C2C1FDA2CEAF4307900485946DEE9D905851E98A2EB237642C80D464D1B3ADA
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "CREA NUOVO".. },.. "explanationofflinedisabled": {.. "message": "Sei offline. Per utilizzare Documenti Google senza una connessione Internet, apri le impostazioni nella home page di Documenti Google e attiva la sincronizzazione offline la prossima volta che ti colleghi a Internet.".. },.. "explanationofflineenabled": {.. "message": "Sei offline, ma puoi comunque modificare i file disponibili o crearne di nuovi.".. },.. "extdesc": {.. "message": "Modifica, crea e visualizza documenti, fogli di lavoro e presentazioni, senza accesso a Internet.".. },.. "extname": {.. "message": "Documenti Google offline".. },.. "learnmore": {.. "message": "Ulteriori informazioni".. },.. "popuphelptext": {.. "message": "Scrivi, modifica e collabora ovunque ti trovi, con o senza una connessione Internet.".. }..}..

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\iw\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):2230
                                                                                                                                                                                                                                                                                                          Entropy (8bit):3.8239097369647634
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:24:YIiTVLrLD1MEzMEH82LBLjO5YaQEqLytLLBm3dnA5LcqLWAU75yxFLcx+UxWRJLI:YfTFf589rZNgNA12Qzt4/zRz2vc
                                                                                                                                                                                                                                                                                                          MD5:26B1533C0852EE4661EC1A27BD87D6BF
                                                                                                                                                                                                                                                                                                          SHA1:18234E3ABAF702DF9330552780C2F33B83A1188A
                                                                                                                                                                                                                                                                                                          SHA-256:BBB81C32F482BA3216C9B1189C70CEF39CA8C2181AF3538FFA07B4C6AD52F06A
                                                                                                                                                                                                                                                                                                          SHA-512:450BFAF0E8159A4FAE309737EA69CA8DD91CAAFD27EF662087C4E7716B2DCAD3172555898E75814D6F11487F4F254DE8625EF0CFEA8DF0133FC49E18EC7FD5D2
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{"createnew":{"message":"\u05d9\u05e6\u05d9\u05e8\u05ea \u05d7\u05d3\u05e9"},"explanationofflinedisabled":{"message":"\u05d0\u05d9\u05df \u05dc\u05da \u05d7\u05d9\u05d1\u05d5\u05e8 \u05dc\u05d0\u05d9\u05e0\u05d8\u05e8\u05e0\u05d8. \u05db\u05d3\u05d9 \u05dc\u05d4\u05e9\u05ea\u05de\u05e9 \u05d1-Google Docs \u05dc\u05dc\u05d0 \u05d7\u05d9\u05d1\u05d5\u05e8 \u05dc\u05d0\u05d9\u05e0\u05d8\u05e8\u05e0\u05d8, \u05d1\u05d4\u05ea\u05d7\u05d1\u05e8\u05d5\u05ea \u05d4\u05d1\u05d0\u05d4 \u05dc\u05d0\u05d9\u05e0\u05d8\u05e8\u05e0\u05d8, \u05d9\u05e9 \u05dc\u05e2\u05d1\u05d5\u05e8 \u05dc\u05e7\u05d8\u05e2 \u05d4\u05d4\u05d2\u05d3\u05e8\u05d5\u05ea \u05d1\u05d3\u05e3 \u05d4\u05d1\u05d9\u05ea \u05e9\u05dc Google Docs \u05d5\u05dc\u05d4\u05e4\u05e2\u05d9\u05dc \u05e1\u05e0\u05db\u05e8\u05d5\u05df \u05d1\u05de\u05e6\u05d1 \u05d0\u05d5\u05e4\u05dc\u05d9\u05d9\u05df."},"explanationofflineenabled":{"message":"\u05d0\u05d9\u05df \u05dc\u05da \u05d7\u05d9\u05d1\u05d5\u05e8 \u05dc\u05d0\u05d9\u05e0\u05d8\u05e

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\ja\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):1160
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.292894989863142
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:24:1HAoc3IiRF1viQ1RF3CMP3rnicCCAFrr1Oo0Y5ReXCCQkb:Dc3zF7F3CMTnOCAFVLHXCFb
                                                                                                                                                                                                                                                                                                          MD5:15EC1963FC113D4AD6E7E59AE5DE7C0A
                                                                                                                                                                                                                                                                                                          SHA1:4017FC6D8B302335469091B91D063B07C9E12109
                                                                                                                                                                                                                                                                                                          SHA-256:34AC08F3C4F2D42962A3395508818B48CA323D22F498738CC9F09E78CB197D73
                                                                                                                                                                                                                                                                                                          SHA-512:427251F471FA3B759CA1555E9600C10F755BC023701D058FF661BEC605B6AB94CFB3456C1FEA68D12B4D815FFBAFABCEB6C12311DD1199FC783ED6863AF97C0F
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "....".. },.. "explanationofflinedisabled": {.. "message": "....................... Google ............................... Google .............. [..] .......[.......] ...........".. },.. "explanationofflineenabled": {.. "message": ".............................................".. },.. "extdesc": {.. "message": ".........................................................".. },.. "extname": {.. "message": "Google ..... ......".. },.. "learnmore": {.. "message": "..".. },.. "popuphelp

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\ka\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):3264
                                                                                                                                                                                                                                                                                                          Entropy (8bit):3.586016059431306
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:48:YGFbhVhVn0nM/XGbQTvxnItVJW/476CFdqaxWNlR:HFbhV/n0MfGbw875FkaANlR
                                                                                                                                                                                                                                                                                                          MD5:83F81D30913DC4344573D7A58BD20D85
                                                                                                                                                                                                                                                                                                          SHA1:5AD0E91EA18045232A8F9DF1627007FE506A70E0
                                                                                                                                                                                                                                                                                                          SHA-256:30898BBF51BDD58DB397FF780F061E33431A38EF5CFC288B5177ECF76B399F26
                                                                                                                                                                                                                                                                                                          SHA-512:85F97F12AD4482B5D9A6166BB2AE3C4458A582CF575190C71C1D8E0FB87C58482F8C0EFEAD56E3A70EDD42BED945816DB5E07732AD27B8FFC93F4093710DD58F
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{"createnew":{"message":"\u10d0\u10ee\u10da\u10d8\u10e1 \u10e8\u10d4\u10e5\u10db\u10dc\u10d0"},"explanationofflinedisabled":{"message":"\u10d7\u10e5\u10d5\u10d4\u10dc \u10ee\u10d0\u10d6\u10d2\u10d0\u10e0\u10d4\u10e8\u10d4 \u10ee\u10d0\u10e0\u10d7. Google Docs-\u10d8\u10e1 \u10d8\u10dc\u10e2\u10d4\u10e0\u10dc\u10d4\u10e2\u10d7\u10d0\u10dc \u10d9\u10d0\u10d5\u10e8\u10d8\u10e0\u10d8\u10e1 \u10d2\u10d0\u10e0\u10d4\u10e8\u10d4 \u10d2\u10d0\u10db\u10dd\u10e1\u10d0\u10e7\u10d4\u10dc\u10d4\u10d1\u10da\u10d0\u10d3 \u10d2\u10d0\u10d3\u10d0\u10d3\u10d8\u10d7 \u10de\u10d0\u10e0\u10d0\u10db\u10d4\u10e2\u10e0\u10d4\u10d1\u10d6\u10d4 Google Docs-\u10d8\u10e1 \u10db\u10d7\u10d0\u10d5\u10d0\u10e0 \u10d2\u10d5\u10d4\u10e0\u10d3\u10d6\u10d4 \u10d3\u10d0 \u10e9\u10d0\u10e0\u10d7\u10d4\u10d7 \u10ee\u10d0\u10d6\u10d2\u10d0\u10e0\u10d4\u10e8\u10d4 \u10e1\u10d8\u10dc\u10e5\u10e0\u10dd\u10dc\u10d8\u10d6\u10d0\u10ea\u10d8\u10d0, \u10e0\u10dd\u10d3\u10d4\u10e1\u10d0\u10ea \u10e8\u10d4\u10db\u10d3\u10d2\u10dd\u10

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\kk\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):3235
                                                                                                                                                                                                                                                                                                          Entropy (8bit):3.6081439490236464
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:96:H3E+6rOEAbeHTln2EQ77Uayg45RjhCSj+OyRdM7AE9qdV:HXcR/nQXUayYV
                                                                                                                                                                                                                                                                                                          MD5:2D94A58795F7B1E6E43C9656A147AD3C
                                                                                                                                                                                                                                                                                                          SHA1:E377DB505C6924B6BFC9D73DC7C02610062F674E
                                                                                                                                                                                                                                                                                                          SHA-256:548DC6C96E31A16CE355DC55C64833B08EF3FBA8BF33149031B4A685959E3AF4
                                                                                                                                                                                                                                                                                                          SHA-512:F51CC857E4CF2D4545C76A2DCE7D837381CE59016E250319BF8D39718BE79F9F6EE74EA5A56DE0E8759E4E586D93430D51651FC902376D8A5698628E54A0F2D8
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{"createnew":{"message":"\u0416\u0410\u04a2\u0410\u0421\u042b\u041d \u0416\u0410\u0421\u0410\u0423"},"explanationofflinedisabled":{"message":"\u0421\u0456\u0437 \u043e\u0444\u043b\u0430\u0439\u043d \u0440\u0435\u0436\u0438\u043c\u0456\u043d\u0434\u0435\u0441\u0456\u0437. Google Docs \u049b\u043e\u043b\u0434\u0430\u043d\u0431\u0430\u0441\u044b\u043d \u0436\u0435\u043b\u0456 \u0431\u0430\u0439\u043b\u0430\u043d\u044b\u0441\u044b\u043d\u0441\u044b\u0437 \u049b\u043e\u043b\u0434\u0430\u043d\u0443 \u04af\u0448\u0456\u043d, \u043a\u0435\u043b\u0435\u0441\u0456 \u0436\u043e\u043b\u044b \u0436\u0435\u043b\u0456\u0433\u0435 \u049b\u043e\u0441\u044b\u043b\u0493\u0430\u043d\u0434\u0430, Google Docs \u043d\u0435\u0433\u0456\u0437\u0433\u0456 \u0431\u0435\u0442\u0456\u043d\u0435\u043d \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u043b\u0435\u0440 \u0431\u04e9\u043b\u0456\u043c\u0456\u043d \u043a\u0456\u0440\u0456\u043f, \u043e\u0444\u043b\u0430\u0439\u043d \u0440\u0435\u0436\u0438\u043c\u0456\u

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\km\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):3122
                                                                                                                                                                                                                                                                                                          Entropy (8bit):3.891443295908904
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:96:/OOrssRU6Bg7VSdL+zsCfoZiWssriWqo2gx7RRCos2sEeBkS7Zesg:H5GRZlXsGdo
                                                                                                                                                                                                                                                                                                          MD5:B3699C20A94776A5C2F90AEF6EB0DAD9
                                                                                                                                                                                                                                                                                                          SHA1:1F9B968B0679A20FA097624C9ABFA2B96C8C0BEA
                                                                                                                                                                                                                                                                                                          SHA-256:A6118F0A0DE329E07C01F53CD6FB4FED43E54C5F53DB4CD1C7F5B2B4D9FB10E6
                                                                                                                                                                                                                                                                                                          SHA-512:1E8D15B8BFF1D289434A244172F9ED42B4BB6BCB6372C1F300B01ACEA5A88167E97FEDABA0A7AE3BEB5E24763D1B09046AE8E30745B80E2E2FE785C94DF362F6
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{"createnew":{"message":"\u1794\u1784\u17d2\u1780\u17be\u178f\u200b\u1790\u17d2\u1798\u17b8"},"explanationofflinedisabled":{"message":"\u17a2\u17d2\u1793\u1780\u200b\u1782\u17d2\u1798\u17b6\u1793\u200b\u17a2\u17ca\u17b8\u1793\u1792\u17ba\u178e\u17b7\u178f\u17d4 \u178a\u17be\u1798\u17d2\u1794\u17b8\u200b\u1794\u17d2\u179a\u17be Google \u17af\u1780\u179f\u17b6\u179a\u200b\u1794\u17b6\u1793\u200b\u200b\u178a\u17c4\u1799\u200b\u200b\u1798\u17b7\u1793\u1798\u17b6\u1793\u200b\u200b\u200b\u17a2\u17ca\u17b8\u1793\u1792\u17ba\u178e\u17b7\u178f \u179f\u17bc\u1798\u200b\u200b\u1791\u17c5\u200b\u1780\u17b6\u1793\u17cb\u200b\u1780\u17b6\u179a\u200b\u1780\u17c6\u178e\u178f\u17cb\u200b\u1793\u17c5\u200b\u179b\u17be\u200b\u1782\u17c1\u17a0\u1791\u17c6\u1796\u17d0\u179a Google \u17af\u1780\u179f\u17b6\u179a \u1793\u17b7\u1784\u200b\u1794\u17be\u1780\u200b\u1780\u17b6\u179a\u1792\u17d2\u179c\u17be\u200b\u179f\u1798\u1780\u17b6\u179b\u1780\u1798\u17d2\u1798\u200b\u200b\u200b\u1782\u17d2\u1798\u17b6\u1793

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\kn\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):1895
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.28990403715536
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:48:SHYGuEETiuF6OX5tCYFZt5GurMRRevsY4tVZIGnZRxlKT6/U0WG:yYG8iuF6yTCYFH5GjLPtVZVZRxOZ0J
                                                                                                                                                                                                                                                                                                          MD5:38BE0974108FC1CC30F13D8230EE5C40
                                                                                                                                                                                                                                                                                                          SHA1:ACF44889DD07DB97D26D534AD5AFA1BC1A827BAD
                                                                                                                                                                                                                                                                                                          SHA-256:30078EF35A76E02A400F03B3698708A0145D9B57241CC4009E010696895CF3A1
                                                                                                                                                                                                                                                                                                          SHA-512:7BDB2BADE4680801FC3B33E82C8AA4FAC648F45C795B4BACE4669D6E907A578FF181C093464884C0E00C9762E8DB75586A253D55CD10A7777D281B4BFFAFE302
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "........ .....".. },.. "explanationofflinedisabled": {.. "message": ".... ..................... ......... ............. Google ...... ....., Google ...... ............ ............... .... ..... ...... .... .... ............ ............. ........ ..... ... .....".. },.. "explanationofflineenabled": {.. "message": ".... ...................., .... .... .... ......... ........... ............ .... ........ .........."..

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\ko\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):1042
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.3945675025513955
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:24:1HAWYsF4dqNfBQH49Hk8YfIhYzTJ+6WJBtl/u4s+6:ZF4wNfvm87mX4LF6
                                                                                                                                                                                                                                                                                                          MD5:F3E59EEEB007144EA26306C20E04C292
                                                                                                                                                                                                                                                                                                          SHA1:83E7BDFA1F18F4C7534208493C3FF6B1F2F57D90
                                                                                                                                                                                                                                                                                                          SHA-256:C52D9B955D229373725A6E713334BBB31EA72EFA9B5CF4FBD76A566417B12CAC
                                                                                                                                                                                                                                                                                                          SHA-512:7808CB5FF041B002CBD78171EC5A0B4DBA3E017E21F7E8039084C2790F395B839BEE04AD6C942EED47CCB53E90F6DE818A725D1450BF81BA2990154AFD3763AF
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": ".. ...".. },.. "explanationofflinedisabled": {.. "message": ".... ...... ... .. .. Google Docs. ..... Google Docs .... .... .... .... .... ..... . .... .... ..... ......".. },.. "explanationofflineenabled": {.. "message": ".... ...... ... .. ... ... ..... ... ... .. . .....".. },.. "extdesc": {.. "message": ".... .... ... .., ...... . ....... .., .., ......".. },.. "extname": {.. "message": "Google Docs ....".. },.. "learnmore": {.. "message": "... ....".. },.. "popuphelptext": {.. "message": "... .. ... .... ..... .... .... .....

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\lo\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):2535
                                                                                                                                                                                                                                                                                                          Entropy (8bit):3.8479764584971368
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:48:YRcHe/4raK1EIlZt1wg62FIOg+xGaF8guI5EP9I2yC:+cs4raK1xlZtOgviOfGaF8RI5EP95b
                                                                                                                                                                                                                                                                                                          MD5:E20D6C27840B406555E2F5091B118FC5
                                                                                                                                                                                                                                                                                                          SHA1:0DCECC1A58CEB4936E255A64A2830956BFA6EC14
                                                                                                                                                                                                                                                                                                          SHA-256:89082FB05229826BC222F5D22C158235F025F0E6DF67FF135A18BD899E13BB8F
                                                                                                                                                                                                                                                                                                          SHA-512:AD53FC0B153005F47F9F4344DF6C4804049FAC94932D895FD02EEBE75222CFE77EEDD9CD3FDC4C88376D18C5972055B00190507AA896488499D64E884F84F093
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{"createnew":{"message":"\u0eaa\u0ec9\u0eb2\u0e87\u0ec3\u0edd\u0ec8"},"explanationofflinedisabled":{"message":"\u0e97\u0ec8\u0eb2\u0e99\u0ead\u0ead\u0e9a\u0ea5\u0eb2\u0e8d\u0ea2\u0eb9\u0ec8. \u0ec0\u0e9e\u0eb7\u0ec8\u0ead\u0ec3\u0e8a\u0ec9 Google Docs \u0ec2\u0e94\u0e8d\u0e9a\u0ecd\u0ec8\u0ec0\u0e8a\u0eb7\u0ec8\u0ead\u0ea1\u0e95\u0ecd\u0ec8\u0ead\u0eb4\u0e99\u0ec0\u0e95\u0eb5\u0ec0\u0e99\u0eb1\u0e94, \u0ec3\u0eab\u0ec9\u0ec4\u0e9b\u0e97\u0eb5\u0ec8\u0e81\u0eb2\u0e99\u0e95\u0eb1\u0ec9\u0e87\u0e84\u0ec8\u0eb2\u0ec3\u0e99\u0edc\u0ec9\u0eb2 Google Docs \u0ec1\u0ea5\u0ec9\u0ea7\u0ec0\u0e9b\u0eb5\u0e94\u0ec3\u0e8a\u0ec9\u0e81\u0eb2\u0e99\u0e8a\u0eb4\u0ec9\u0e87\u0ec1\u0e9a\u0e9a\u0ead\u0ead\u0e9a\u0ea5\u0eb2\u0e8d\u0ec3\u0e99\u0ec0\u0e97\u0eb7\u0ec8\u0ead\u0e95\u0ecd\u0ec8\u0ec4\u0e9b\u0e97\u0eb5\u0ec8\u0e97\u0ec8\u0eb2\u0e99\u0ec0\u0e8a\u0eb7\u0ec8\u0ead\u0ea1\u0e95\u0ecd\u0ec8\u0ead\u0eb4\u0e99\u0ec0\u0e95\u0eb5\u0ec0\u0e99\u0eb1\u0e94."},"explanationofflineenabled":{"message":"\u0e97\u0ec

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\lt\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):1028
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.797571191712988
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:24:1HAivZZaJ3Rje394+k7IKgpAJjUpSkiQjuRBMd:fZZahBeu7IKgqeMg
                                                                                                                                                                                                                                                                                                          MD5:970544AB4622701FFDF66DC556847652
                                                                                                                                                                                                                                                                                                          SHA1:14BEE2B77EE74C5E38EBD1DB09E8D8104CF75317
                                                                                                                                                                                                                                                                                                          SHA-256:5DFCBD4DFEAEC3ABE973A78277D3BD02CD77AE635D5C8CD1F816446C61808F59
                                                                                                                                                                                                                                                                                                          SHA-512:CC12D00C10B970189E90D47390EEB142359A8D6F3A9174C2EF3AE0118F09C88AB9B689D9773028834839A7DFAF3AAC6747BC1DCB23794A9F067281E20B8DC6EA
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "SUKURTI NAUJ.".. },.. "explanationofflinedisabled": {.. "message": "Esate neprisijung.. Jei norite naudoti .Google. dokumentus be interneto ry.io, pagrindiniame .Google. dokument. puslapyje eikite . nustatym. skilt. ir .junkite sinchronizavim. neprisijungus, kai kit. kart. b.site prisijung. prie interneto.".. },.. "explanationofflineenabled": {.. "message": "Esate neprisijung., bet vis tiek galite redaguoti pasiekiamus failus arba sukurti nauj..".. },.. "extdesc": {.. "message": "Redaguokite, kurkite ir per.i.r.kite savo dokumentus, skai.iuokles ir pristatymus . visk. darykite be prieigos prie interneto.".. },.. "extname": {.. "message": ".Google. dokumentai neprisijungus".. },.. "learnmore": {.. "message": "Su.inoti daugiau".. },.. "popuphelptext": {.. "message": "Ra.ykite, redaguokite ir bendradarbiaukite bet kurioje vietoje naudodami interneto ry.. arba

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\lv\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):994
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.700308832360794
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:24:1HAaJ7a/uNpoB/Y4vPnswSPkDzLKFQHpp//BpPDB:7J7a/uzQ/Y4vvswhDzDr/LDB
                                                                                                                                                                                                                                                                                                          MD5:A568A58817375590007D1B8ABCAEBF82
                                                                                                                                                                                                                                                                                                          SHA1:B0F51FE6927BB4975FC6EDA7D8A631BF0C1AB597
                                                                                                                                                                                                                                                                                                          SHA-256:0621DE9161748F45D53052ED8A430962139D7F19074C7FFE7223ECB06B0B87DB
                                                                                                                                                                                                                                                                                                          SHA-512:FCFBADEC9F73975301AB404DB6B09D31457FAC7CCAD2FA5BE348E1CAD6800F87CB5B56DE50880C55BBADB3C40423351A6B5C2D03F6A327D898E35F517B1C628C
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "IZVEIDOT JAUNU".. },.. "explanationofflinedisabled": {.. "message": "J.s esat bezsaist.. Lai lietotu pakalpojumu Google dokumenti bez interneta savienojuma, n.kamaj. reiz., kad ir izveidots savienojums ar internetu, atveriet Google dokumentu s.kumlapas iestat.jumu izv.lni un iesl.dziet sinhroniz.ciju bezsaist..".. },.. "explanationofflineenabled": {.. "message": "J.s esat bezsaist., ta.u varat redi..t pieejamos failus un izveidot jaunus.".. },.. "extdesc": {.. "message": "Redi..jiet, veidojiet un skatiet savus dokumentus, izkl.jlapas un prezent.cijas, neizmantojot savienojumu ar internetu.".. },.. "extname": {.. "message": "Google dokumenti bezsaist.".. },.. "learnmore": {.. "message": "Uzziniet vair.k".. },.. "popuphelptext": {.. "message": "Rakstiet, redi..jiet un sadarbojieties ar interneta savienojumu vai bez t. neatkar.gi no t., kur atrodaties.".. }..}..

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\ml\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):2091
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.358252286391144
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:24:1HAnHdGc4LtGxVY6IuVzJkeNL5kP13a67wNcYP8j5PIaSTIjPU4ELFPCWJjMupV/:idGcyYPVtkAUl7wqziBsg9DbpN6XoN/
                                                                                                                                                                                                                                                                                                          MD5:4717EFE4651F94EFF6ACB6653E868D1A
                                                                                                                                                                                                                                                                                                          SHA1:B8A7703152767FBE1819808876D09D9CC1C44450
                                                                                                                                                                                                                                                                                                          SHA-256:22CA9415E294D9C3EC3384B9D08CDAF5164AF73B4E4C251559E09E529C843EA6
                                                                                                                                                                                                                                                                                                          SHA-512:487EAB4938F6BC47B1D77DD47A5E2A389B94E01D29849E38E96C95CABC7BD98679451F0E22D3FEA25C045558CD69FDDB6C4FEF7C581141F1C53C4AA17578D7F7
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "....... ............".. },.. "explanationofflinedisabled": {.. "message": "...... ........... ........... ............. ..... Google ....... ..........., Google ....... .......... ............. .... ...... ...... ... ............... .................... '.......... ................' .........".. },.. "explanationofflineenabled": {.. "message": "................., .......... ......... ....... ...... ..............

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\mn\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):2778
                                                                                                                                                                                                                                                                                                          Entropy (8bit):3.595196082412897
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:48:Y943BFU1LQ4HwQLQ4LQhlmVQL3QUm6H6ZgFIcwn6Rs2ShpQ3IwjGLQSJ/PYoEQj8:I43BCymz8XNcfuQDXYN2sum
                                                                                                                                                                                                                                                                                                          MD5:83E7A14B7FC60D4C66BF313C8A2BEF0B
                                                                                                                                                                                                                                                                                                          SHA1:1CCF1D79CDED5D65439266DB58480089CC110B18
                                                                                                                                                                                                                                                                                                          SHA-256:613D8751F6CC9D3FA319F4B7EA8B2BD3BED37FD077482CA825929DD7C12A69A8
                                                                                                                                                                                                                                                                                                          SHA-512:3742E24FFC4B5283E6EE496813C1BDC6835630D006E8647D427C3DE8B8E7BF814201ADF9A27BFAB3ABD130B6FEC64EBB102AC0EB8DEDFE7B63D82D3E1233305D
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{"createnew":{"message":"\u0428\u0418\u041d\u0418\u0419\u0413 \u04ae\u04ae\u0421\u0413\u042d\u0425"},"explanationofflinedisabled":{"message":"\u0422\u0430 \u043e\u0444\u043b\u0430\u0439\u043d \u0431\u0430\u0439\u043d\u0430. Google \u0414\u043e\u043a\u044b\u0433 \u0438\u043d\u0442\u0435\u0440\u043d\u044d\u0442\u0433\u04af\u0439\u0433\u044d\u044d\u0440 \u0430\u0448\u0438\u0433\u043b\u0430\u0445\u044b\u043d \u0442\u0443\u043b\u0434 \u0434\u0430\u0440\u0430\u0430\u0433\u0438\u0439\u043d \u0443\u0434\u0430\u0430 \u0438\u043d\u0442\u0435\u0440\u043d\u044d\u0442\u044d\u0434 \u0445\u043e\u043b\u0431\u043e\u0433\u0434\u043e\u0445\u0434\u043e\u043e Google \u0414\u043e\u043a\u044b\u043d \u043d\u04af\u04af\u0440 \u0445\u0443\u0443\u0434\u0430\u0441\u043d\u0430\u0430\u0441 \u0442\u043e\u0445\u0438\u0440\u0433\u043e\u043e \u0434\u043e\u0442\u043e\u0440\u0445 \u043e\u0444\u043b\u0430\u0439\u043d \u0441\u0438\u043d\u043a\u0438\u0439\u0433 \u0438\u0434\u044d\u0432\u0445\u0436\u04af\u04af\u043b\u043d\u0

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\mr\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):1719
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.287702203591075
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:48:65/5EKaDMw6pEf4I5+jSksOTJqQyrFO8C:65/5EKaAw6pEf4I5+vsOVqQyFO8C
                                                                                                                                                                                                                                                                                                          MD5:3B98C4ED8874A160C3789FEAD5553CFA
                                                                                                                                                                                                                                                                                                          SHA1:5550D0EC548335293D962AAA96B6443DD8ABB9F6
                                                                                                                                                                                                                                                                                                          SHA-256:ADEB082A9C754DFD5A9D47340A3DDCC19BF9C7EFA6E629A2F1796305F1C9A66F
                                                                                                                                                                                                                                                                                                          SHA-512:5139B6C6DF9459C7B5CDC08A98348891499408CD75B46519BA3AC29E99AAAFCC5911A1DEE6C3A57E3413DBD0FAE72D7CBC676027248DCE6364377982B5CE4151
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": ".... .... ...".. },.. "explanationofflinedisabled": {.. "message": "...... ...... ..... ......... ....... ....... ..... Google ....... ............, Google ....... .............. .......... .. ... ..... .... ...... ......... ...... ...... ...... .... .... ....".. },.. "explanationofflineenabled": {.. "message": "...... ...... ...., ..... ...... ...... ...... .... ....... ... ..... .... .... ... .....".. },.. "extdesc": {.. "message": "..... ..

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\ms\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):936
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.457879437756106
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:24:1HARXIqhmemNKsE27rhdfNLChtyo2JJ/YgTgin:iIqFC7lrDfNLCIBRzn
                                                                                                                                                                                                                                                                                                          MD5:7D273824B1E22426C033FF5D8D7162B7
                                                                                                                                                                                                                                                                                                          SHA1:EADBE9DBE5519BD60458B3551BDFC36A10049DD1
                                                                                                                                                                                                                                                                                                          SHA-256:2824CF97513DC3ECC261F378BFD595AE95A5997E9D1C63F5731A58B1F8CD54F9
                                                                                                                                                                                                                                                                                                          SHA-512:E5B611BBFAB24C9924D1D5E1774925433C65C322769E1F3B116254B1E9C69B6DF1BE7828141EEBBF7524DD179875D40C1D8F29C4FB86D663B8A365C6C60421A7
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "BUAT BAHARU".. },.. "explanationofflinedisabled": {.. "message": "Anda berada di luar talian. Untuk menggunakan Google Docs tanpa sambungan Internet, pergi ke tetapan di halaman utama Google Docs dan hidupkan penyegerakan luar talian apabila anda disambungkan ke Internet selepas ini.".. },.. "explanationofflineenabled": {.. "message": "Anda berada di luar talian, tetapi anda masih boleh mengedit fail yang tersedia atau buat fail baharu.".. },.. "extdesc": {.. "message": "Edit, buat dan lihat dokumen, hamparan dan pembentangan anda . kesemuanya tanpa akses Internet.".. },.. "extname": {.. "message": "Google Docs Luar Talian".. },.. "learnmore": {.. "message": "Ketahui Lebih Lanjut".. },.. "popuphelptext": {.. "message": "Tulis, edit dan bekerjasama di mana-mana sahaja anda berada, dengan atau tanpa sambungan Internet.".. }..}..

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\my\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):3830
                                                                                                                                                                                                                                                                                                          Entropy (8bit):3.5483353063347587
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:48:Ya+Ivxy6ur1+j3P7Xgr5ELkpeCgygyOxONHO3pj6H57ODyOXOVp6:8Uspsj3P3ty2a66xl09
                                                                                                                                                                                                                                                                                                          MD5:342335A22F1886B8BC92008597326B24
                                                                                                                                                                                                                                                                                                          SHA1:2CB04F892E430DCD7705C02BF0A8619354515513
                                                                                                                                                                                                                                                                                                          SHA-256:243BEFBD6B67A21433DCC97DC1A728896D3A070DC20055EB04D644E1BB955FE7
                                                                                                                                                                                                                                                                                                          SHA-512:CD344D060E30242E5A4705547E807CE3CE2231EE983BB9A8AD22B3E7598A7EC87399094B04A80245AD51D039370F09D74FE54C0B0738583884A73F0C7E888AD8
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{"createnew":{"message":"\u1021\u101e\u1005\u103a \u1015\u103c\u102f\u101c\u102f\u1015\u103a\u101b\u1014\u103a"},"explanationofflinedisabled":{"message":"\u101e\u1004\u103a \u1021\u1031\u102c\u1037\u1016\u103a\u101c\u102d\u102f\u1004\u103a\u1038\u1016\u103c\u1005\u103a\u1014\u1031\u1015\u102b\u101e\u100a\u103a\u104b \u1021\u1004\u103a\u1010\u102c\u1014\u1000\u103a\u1001\u103b\u102d\u1010\u103a\u1006\u1000\u103a\u1019\u103e\u102f \u1019\u101b\u103e\u102d\u1018\u1032 Google Docs \u1000\u102d\u102f \u1021\u101e\u102f\u1036\u1038\u1015\u103c\u102f\u101b\u1014\u103a \u1014\u1031\u102c\u1000\u103a\u1010\u1005\u103a\u1000\u103c\u102d\u1019\u103a \u101e\u1004\u103a\u1021\u1004\u103a\u1010\u102c\u1014\u1000\u103a\u1001\u103b\u102d\u1010\u103a\u1006\u1000\u103a\u101e\u100a\u1037\u103a\u1021\u1001\u102b Google Docs \u1015\u1004\u103a\u1019\u1005\u102c\u1019\u103b\u1000\u103a\u1014\u103e\u102c\u101b\u103e\u102d \u1006\u1000\u103a\u1010\u1004\u103a\u1019\u103b\u102c\u1038\u101e\u102d\u102f\u1037\u1

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\ne\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):1898
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.187050294267571
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:24:1HAmQ6ZSWfAx6fLMr48tE/cAbJtUZJScSIQoAfboFMiQ9pdvz48YgqG:TQ6W6MbkcAltUJxQdfbqQ9pp0gqG
                                                                                                                                                                                                                                                                                                          MD5:B1083DA5EC718D1F2F093BD3D1FB4F37
                                                                                                                                                                                                                                                                                                          SHA1:74B6F050D918448396642765DEF1AD5390AB5282
                                                                                                                                                                                                                                                                                                          SHA-256:E6ED0A023EF31705CCCBAF1E07F2B4B2279059296B5CA973D2070417BA16F790
                                                                                                                                                                                                                                                                                                          SHA-512:7102B90ABBE2C811E8EE2F1886A73B1298D4F3D5D05F0FFDB57CF78B9A49A25023A290B255BAA4895BB150B388BAFD9F8432650B8C70A1A9A75083FFFCD74F1A
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": ".... ....... .........".. },.. "explanationofflinedisabled": {.. "message": "..... ...... .......... .... ........ .... .... Google ........ ...... .... ..... ..... ... .......... ....... .... Google ........ .......... ..... .......... .. ...... ..... .... ..... ......... .. ..........".. },.. "explanationofflineenabled": {.. "message": "..... ...... ........., .. ..... ... ... ...... ....... ....... .. .... ....... ....

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\nl\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):914
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.513485418448461
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:12:1HASvgFARCBxNBv52/fXjOXl6W6ICBxeBvMzU1CSUJAO6SFAIVIbCBhZHdb1tvz+:1HABJx4X6QDwEzlm2uGvYzKU
                                                                                                                                                                                                                                                                                                          MD5:32DF72F14BE59A9BC9777113A8B21DE6
                                                                                                                                                                                                                                                                                                          SHA1:2A8D9B9A998453144307DD0B700A76E783062AD0
                                                                                                                                                                                                                                                                                                          SHA-256:F3FE1FFCB182183B76E1B46C4463168C746A38E461FD25CA91FF2A40846F1D61
                                                                                                                                                                                                                                                                                                          SHA-512:E0966F5CCA5A8A6D91C58D716E662E892D1C3441DAA5D632E5E843839BB989F620D8AC33ED3EDBAFE18D7306B40CD0C4639E5A4E04DA2C598331DACEC2112AAD
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "NIEUW MAKEN".. },.. "explanationofflinedisabled": {.. "message": "Je bent offline. Wil je Google Documenten zonder internetverbinding gebruiken, ga dan de volgende keer dat je verbinding met internet hebt naar 'Instellingen' op de homepage van Google Documenten en zet 'Offline synchronisatie' aan.".. },.. "explanationofflineenabled": {.. "message": "Je bent offline, maar je kunt nog wel beschikbare bestanden bewerken of nieuwe bestanden maken.".. },.. "extdesc": {.. "message": "Bewerk, maak en bekijk je documenten, spreadsheets en presentaties. Allemaal zonder internettoegang.".. },.. "extname": {.. "message": "Offline Documenten".. },.. "learnmore": {.. "message": "Meer informatie".. },.. "popuphelptext": {.. "message": "Overal schrijven, bewerken en samenwerken, met of zonder internetverbinding.".. }..}..

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\no\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):878
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.4541485835627475
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:24:1HAqwwrJ6wky68uk+NILxRGJwBvDyrj9V:nwwQwky6W+NwswVyT
                                                                                                                                                                                                                                                                                                          MD5:A1744B0F53CCF889955B95108367F9C8
                                                                                                                                                                                                                                                                                                          SHA1:6A5A6771DFF13DCB4FD425ED839BA100B7123DE0
                                                                                                                                                                                                                                                                                                          SHA-256:21CEFF02B45A4BFD60D144879DFA9F427949A027DD49A3EB0E9E345BD0B7C9A8
                                                                                                                                                                                                                                                                                                          SHA-512:F55E43F14514EECB89F6727A0D3C234149609020A516B193542B5964D2536D192F40CC12D377E70C683C269A1BDCDE1C6A0E634AA84A164775CFFE776536A961
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "OPPRETT NYTT".. },.. "explanationofflinedisabled": {.. "message": "Du er uten nett. For . bruke Google Dokumenter uten internettilkobling, g. til innstillingene p. Google Dokumenter-nettsiden og sl. p. synkronisering uten nett neste gang du er koblet til Internett.".. },.. "explanationofflineenabled": {.. "message": "Du er uten nett, men du kan likevel endre tilgjengelige filer eller opprette nye.".. },.. "extdesc": {.. "message": "Rediger, opprett og se dokumentene, regnearkene og presentasjonene dine . uten nettilgang.".. },.. "extname": {.. "message": "Google Dokumenter uten nett".. },.. "learnmore": {.. "message": "Finn ut mer".. },.. "popuphelptext": {.. "message": "Skriv, rediger eller samarbeid uansett hvor du er, med eller uten internettilkobling.".. }..}..

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\pa\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):2766
                                                                                                                                                                                                                                                                                                          Entropy (8bit):3.839730779948262
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:48:YEH6/o0iZbNCbDMUcipdkNtQjsGKIhO9aBjj/nxt9o5nDAj3:p6wbZbEbvJ8jQkIhO9aBjb/90Ab
                                                                                                                                                                                                                                                                                                          MD5:97F769F51B83D35C260D1F8CFD7990AF
                                                                                                                                                                                                                                                                                                          SHA1:0D59A76564B0AEE31D0A074305905472F740CECA
                                                                                                                                                                                                                                                                                                          SHA-256:BBD37D41B7DE6F93948FA2437A7699D4C30A3C39E736179702F212CB36A3133C
                                                                                                                                                                                                                                                                                                          SHA-512:D91F5E2D22FC2D7F73C1F1C4AF79DB98FCFD1C7804069AE9B2348CBC729A6D2DFF7FB6F44D152B0BDABA6E0D05DFF54987E8472C081C4D39315CEC2CBC593816
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{"createnew":{"message":"\u0a28\u0a35\u0a3e\u0a02 \u0a2c\u0a23\u0a3e\u0a13"},"explanationofflinedisabled":{"message":"\u0a24\u0a41\u0a38\u0a40\u0a02 \u0a06\u0a2b\u0a3c\u0a32\u0a3e\u0a08\u0a28 \u0a39\u0a4b\u0964 \u0a07\u0a70\u0a1f\u0a30\u0a28\u0a48\u0a71\u0a1f \u0a15\u0a28\u0a48\u0a15\u0a36\u0a28 \u0a26\u0a47 \u0a2c\u0a3f\u0a28\u0a3e\u0a02 Google Docs \u0a28\u0a42\u0a70 \u0a35\u0a30\u0a24\u0a23 \u0a32\u0a08, \u0a05\u0a17\u0a32\u0a40 \u0a35\u0a3e\u0a30 \u0a1c\u0a26\u0a4b\u0a02 \u0a24\u0a41\u0a38\u0a40\u0a02 \u0a07\u0a70\u0a1f\u0a30\u0a28\u0a48\u0a71\u0a1f \u0a26\u0a47 \u0a28\u0a3e\u0a32 \u0a15\u0a28\u0a48\u0a15\u0a1f \u0a39\u0a4b\u0a35\u0a4b \u0a24\u0a3e\u0a02 Google Docs \u0a2e\u0a41\u0a71\u0a16 \u0a2a\u0a70\u0a28\u0a47 '\u0a24\u0a47 \u0a38\u0a48\u0a1f\u0a3f\u0a70\u0a17\u0a3e\u0a02 \u0a35\u0a3f\u0a71\u0a1a \u0a1c\u0a3e\u0a13 \u0a05\u0a24\u0a47 \u0a06\u0a2b\u0a3c\u0a32\u0a3e\u0a08\u0a28 \u0a38\u0a3f\u0a70\u0a15 \u0a28\u0a42\u0a70 \u0a1a\u0a3e\u0a32\u0a42 \u0a15\u0a30\u0a4b\u0964"},"expla

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\pl\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):978
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.879137540019932
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:24:1HApiJiRelvm3wi8QAYcbm24sK+tFJaSDD:FJMx3whxYcbNp
                                                                                                                                                                                                                                                                                                          MD5:B8D55E4E3B9619784AECA61BA15C9C0F
                                                                                                                                                                                                                                                                                                          SHA1:B4A9C9885FBEB78635957296FDDD12579FEFA033
                                                                                                                                                                                                                                                                                                          SHA-256:E00FF20437599A5C184CA0C79546CB6500171A95E5F24B9B5535E89A89D3EC3D
                                                                                                                                                                                                                                                                                                          SHA-512:266589116EEE223056391C65808255EDAE10EB6DC5C26655D96F8178A41E283B06360AB8E08AC3857D172023C4F616EF073D0BEA770A3B3DD3EE74F5FFB2296B
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "UTW.RZ NOWY".. },.. "explanationofflinedisabled": {.. "message": "Jeste. offline. Aby korzysta. z Dokument.w Google bez po..czenia internetowego, otw.rz ustawienia na stronie g..wnej Dokument.w Google i w..cz synchronizacj. offline nast.pnym razem, gdy b.dziesz mie. dost.p do internetu.".. },.. "explanationofflineenabled": {.. "message": "Jeste. offline, ale nadal mo.esz edytowa. dost.pne pliki i tworzy. nowe.".. },.. "extdesc": {.. "message": "Edytuj, tw.rz i wy.wietlaj swoje dokumenty, arkusze kalkulacyjne oraz prezentacje bez konieczno.ci ..czenia si. z internetem.".. },.. "extname": {.. "message": "Dokumenty Google offline".. },.. "learnmore": {.. "message": "Wi.cej informacji".. },.. "popuphelptext": {.. "message": "Pisz, edytuj i wsp..pracuj, gdziekolwiek jeste. . niezale.nie od tego, czy masz po..czenie z internetem.".. }..}..

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\pt_BR\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):907
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.599411354657937
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:12:1HASvgU30CBxNd6GwXOK1styCJ02OK9+4KbCBxed6X4LBAt4rXgUCSUuYDHIIQka:1HAcXlyCJ5+Tsz4LY4rXSw/Q+ftkC
                                                                                                                                                                                                                                                                                                          MD5:608551F7026E6BA8C0CF85D9AC11F8E3
                                                                                                                                                                                                                                                                                                          SHA1:87B017B2D4DA17E322AF6384F82B57B807628617
                                                                                                                                                                                                                                                                                                          SHA-256:A73EEA087164620FA2260D3910D3FBE302ED85F454EDB1493A4F287D42FC882F
                                                                                                                                                                                                                                                                                                          SHA-512:82F52F8591DB3C0469CC16D7CBFDBF9116F6D5B5D2AD02A3D8FA39CE1378C64C0EA80AB8509519027F71A89EB8BBF38A8702D9AD26C8E6E0F499BF7DA18BF747
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "CRIAR NOVO".. },.. "explanationofflinedisabled": {.. "message": "Voc. est. off-line. Para usar o Documentos Google sem conex.o com a Internet, na pr.xima vez que se conectar, acesse as configura..es na p.gina inicial do Documentos Google e ative a sincroniza..o off-line.".. },.. "explanationofflineenabled": {.. "message": "Voc. est. off-line, mas mesmo assim pode editar os arquivos dispon.veis ou criar novos arquivos.".. },.. "extdesc": {.. "message": "Edite, crie e veja seus documentos, planilhas e apresenta..es sem precisar de acesso . Internet.".. },.. "extname": {.. "message": "Documentos Google off-line".. },.. "learnmore": {.. "message": "Saiba mais".. },.. "popuphelptext": {.. "message": "Escreva, edite e colabore onde voc. estiver, com ou sem conex.o com a Internet.".. }..}..

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\pt_PT\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):914
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.604761241355716
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:24:1HAcXzw8M+N0STDIjxX+qxCjKw5BKriEQFMJXkETs:zXzw0pKXbxqKw5BKri3aNY
                                                                                                                                                                                                                                                                                                          MD5:0963F2F3641A62A78B02825F6FA3941C
                                                                                                                                                                                                                                                                                                          SHA1:7E6972BEAB3D18E49857079A24FB9336BC4D2D48
                                                                                                                                                                                                                                                                                                          SHA-256:E93B8E7FB86D2F7DFAE57416BB1FB6EE0EEA25629B972A5922940F0023C85F90
                                                                                                                                                                                                                                                                                                          SHA-512:22DD42D967124DA5A2209DD05FB6AD3F5D0D2687EA956A22BA1E31C56EC09DEB53F0711CD5B24D672405358502E9D1C502659BB36CED66CAF83923B021CA0286
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "CRIAR NOVO".. },.. "explanationofflinedisabled": {.. "message": "Est. offline. Para utilizar o Google Docs sem uma liga..o . Internet, aceda .s defini..es na p.gina inicial do Google Docs e ative a sincroniza..o offline da pr.xima vez que estiver ligado . Internet.".. },.. "explanationofflineenabled": {.. "message": "Est. offline, mas continua a poder editar os ficheiros dispon.veis ou criar novos ficheiros.".. },.. "extdesc": {.. "message": "Edite, crie e veja os documentos, as folhas de c.lculo e as apresenta..es, tudo sem precisar de aceder . Internet.".. },.. "extname": {.. "message": "Google Docs offline".. },.. "learnmore": {.. "message": "Saber mais".. },.. "popuphelptext": {.. "message": "Escreva edite e colabore onde quer que esteja, com ou sem uma liga..o . Internet.".. }..}..

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\ro\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):937
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.686555713975264
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:24:1HA8dC6e6w+uFPHf2TFMMlecFpweWV4RE:pC6KvHf4plVweCx
                                                                                                                                                                                                                                                                                                          MD5:BED8332AB788098D276B448EC2B33351
                                                                                                                                                                                                                                                                                                          SHA1:6084124A2B32F386967DA980CBE79DD86742859E
                                                                                                                                                                                                                                                                                                          SHA-256:085787999D78FADFF9600C9DC5E3FF4FB4EB9BE06D6BB19DF2EEF8C284BE7B20
                                                                                                                                                                                                                                                                                                          SHA-512:22596584D10707CC1C8179ED3ABE46EF2C314CF9C3D0685921475944B8855AAB660590F8FA1CFDCE7976B4BB3BD9ABBBF053F61F1249A325FD0094E1C95692ED
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "CREEAZ. UN DOCUMENT".. },.. "explanationofflinedisabled": {.. "message": "E.ti offline. Pentru a utiliza Documente Google f.r. conexiune la internet, intr. .n set.rile din pagina principal. Documente Google .i activeaz. sincronizarea offline data viitoare c.nd e.ti conectat(.) la internet.".. },.. "explanationofflineenabled": {.. "message": "E.ti offline, dar po.i .nc. s. editezi fi.ierele disponibile sau s. creezi altele.".. },.. "extdesc": {.. "message": "Editeaz., creeaz. .i acceseaz. documente, foi de calcul .i prezent.ri - totul f.r. acces la internet.".. },.. "extname": {.. "message": "Documente Google Offline".. },.. "learnmore": {.. "message": "Afl. mai multe".. },.. "popuphelptext": {.. "message": "Scrie, editeaz. .i colaboreaz. oriunde ai fi, cu sau f.r. conexiune la internet.".. }..}..

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\ru\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):1337
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.69531415794894
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:24:1HABEapHTEmxUomjsfDVs8THjqBK8/hHUg41v+Lph5eFTHQ:I/VdxUomjsre8Kh4Riph5eFU
                                                                                                                                                                                                                                                                                                          MD5:51D34FE303D0C90EE409A2397FCA437D
                                                                                                                                                                                                                                                                                                          SHA1:B4B9A7B19C62D0AA95D1F10640A5FBA628CCCA12
                                                                                                                                                                                                                                                                                                          SHA-256:BE733625ACD03158103D62BC0EEF272CA3F265AC30C87A6A03467481A177DAE3
                                                                                                                                                                                                                                                                                                          SHA-512:E8670DED44DC6EE30E5F41C8B2040CF8A463CD9A60FC31FA70EB1D4C9AC1A3558369792B5B86FA761A21F5266D5A35E5C2C39297F367DAA84159585C19EC492A
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": ".......".. },.. "explanationofflinedisabled": {.. "message": "..... ............ Google ......... ... ........., ............ . .... . ......... ............. . ......-...... . .......... .. ......... .........".. },.. "explanationofflineenabled": {.. "message": "... ........... . .......... .. ...... ......... ..... ..... . ............. .., . ....... ........ ......-.......".. },.. "extdesc": {.. "message": ".........., .............. . ............ ........., ....... . ........... ... ....... . ..........".. },.. "extname": {.. "message": "Google.......... ......".. },.. "learnmore": {.

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\si\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):2846
                                                                                                                                                                                                                                                                                                          Entropy (8bit):3.7416822879702547
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:48:YWi+htQTKEQb3aXQYJLSWy7sTQThQTnQtQTrEmQ6kiLsegQSJFwsQGaiPn779I+S:zhiTK5b3tUGVjTGTnQiTryOLpyaxYf/S
                                                                                                                                                                                                                                                                                                          MD5:B8A4FD612534A171A9A03C1984BB4BDD
                                                                                                                                                                                                                                                                                                          SHA1:F513F7300827FE352E8ECB5BD4BB1729F3A0E22A
                                                                                                                                                                                                                                                                                                          SHA-256:54241EBE651A8344235CC47AFD274C080ABAEBC8C3A25AFB95D8373B6A5670A2
                                                                                                                                                                                                                                                                                                          SHA-512:C03E35BFDE546AEB3245024EF721E7E606327581EFE9EAF8C5B11989D9033BDB58437041A5CB6D567BAA05466B6AAF054C47F976FD940EEEDF69FDF80D79095B
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{"createnew":{"message":"\u0db1\u0dc0 \u0dbd\u0dda\u0d9b\u0db1\u0dba\u0d9a\u0dca \u0dc3\u0dcf\u0daf\u0db1\u0dca\u0db1"},"explanationofflinedisabled":{"message":"\u0d94\u0db6 \u0db1\u0ddc\u0db6\u0dd0\u0db3\u0dd2\u0dba. \u0d85\u0db1\u0dca\u0dad\u0dbb\u0dca\u0da2\u0dcf\u0dbd \u0dc3\u0db8\u0dca\u0db6\u0db1\u0dca\u0db0\u0dad\u0dcf\u0dc0\u0d9a\u0dca \u0db1\u0ddc\u0db8\u0dd0\u0dad\u0dd2\u0dc0 Google Docs \u0db7\u0dcf\u0dc0\u0dd2\u0dad \u0d9a\u0dd2\u0dbb\u0dd3\u0db8\u0da7, Google Docs \u0db8\u0dd4\u0dbd\u0dca \u0db4\u0dd2\u0da7\u0dd4\u0dc0 \u0db8\u0dad \u0dc3\u0dd0\u0d9a\u0dc3\u0dd3\u0db8\u0dca \u0dc0\u0dd9\u0dad \u0d9c\u0ddc\u0dc3\u0dca \u0d94\u0db6 \u0d8a\u0dc5\u0d9f \u0d85\u0dc0\u0dc3\u0dca\u0dae\u0dcf\u0dc0\u0dda \u0d85\u0db1\u0dca\u0dad\u0dbb\u0dca\u0da2\u0dcf\u0dbd\u0dba\u0da7 \u0dc3\u0db6\u0dd0\u0db3\u0dd2 \u0dc0\u0dd2\u0da7 \u0db1\u0ddc\u0db6\u0dd0\u0db3\u0dd2 \u0dc3\u0db8\u0db8\u0dd4\u0dc4\u0dd4\u0dbb\u0dca\u0dad \u0d9a\u0dd2\u0dbb\u0dd3\u0db8 \u0d9a\u0dca\u200d\u0dbb\u0dd2\u0dba\u0dc

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\sk\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):934
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.882122893545996
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:24:1HAF8pMv1RS4LXL22IUjdh8uJwpPqLDEtxKLhSS:hyv1RS4LXx38u36QsS
                                                                                                                                                                                                                                                                                                          MD5:8E55817BF7A87052F11FE554A61C52D5
                                                                                                                                                                                                                                                                                                          SHA1:9ABDC0725FE27967F6F6BE0DF5D6C46E2957F455
                                                                                                                                                                                                                                                                                                          SHA-256:903060EC9E76040B46DEB47BBB041D0B28A6816CB9B892D7342FC7DC6782F87C
                                                                                                                                                                                                                                                                                                          SHA-512:EFF9EC7E72B272DDE5F29123653BC056A4BC2C3C662AE3C448F8CB6A4D1865A0679B7E74C1B3189F3E262109ED6BC8F8D2BDE14AEFC8E87E0F785AE4837D01C7
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "VYTVORI. NOV.".. },.. "explanationofflinedisabled": {.. "message": "Ste offline. Ak chcete pou.i. Dokumenty Google bez pripojenia na internet, po najbli..om pripojen. na internet prejdite do nastaven. na domovskej str.nke Dokumentov Google a.zapnite offline synchroniz.ciu.".. },.. "explanationofflineenabled": {.. "message": "Ste offline, no st.le m..ete upravova. dostupn. s.bory a.vytv.ra. nov..".. },.. "extdesc": {.. "message": ".prava, tvorba a.zobrazenie dokumentov, tabuliek a.prezent.ci.. To v.etko bez pr.stupu na internet.".. },.. "extname": {.. "message": "Dokumenty Google v re.ime offline".. },.. "learnmore": {.. "message": ".al.ie inform.cie".. },.. "popuphelptext": {.. "message": "P..te, upravujte a.spolupracuje, kdeko.vek ste, a.to s.pripojen.m na internet aj bez neho.".. }..}..

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\sl\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):963
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.6041913416245
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:12:1HASvgfECBxNFCEuKXowwJrpvPwNgEcPJJJEfWOCBxeFCJuGuU4KYXCSUXKDxX4A:1HAXMKYw8VYNLcaeDmKYLdX2zJBG5
                                                                                                                                                                                                                                                                                                          MD5:BFAEFEFF32813DF91C56B71B79EC2AF4
                                                                                                                                                                                                                                                                                                          SHA1:F8EDA2B632610972B581724D6B2F9782AC37377B
                                                                                                                                                                                                                                                                                                          SHA-256:AAB9CF9098294A46DC0F2FA468AFFF7CA7C323A1A0EFA70C9DB1E3A4DA05D1D4
                                                                                                                                                                                                                                                                                                          SHA-512:971F2BBF5E9C84DE3D31E5F2A4D1A00D891A2504F8AF6D3F75FC19056BFD059A270C4C9836AF35258ABA586A1888133FB22B484F260C1CBC2D1D17BC3B4451AA
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "USTVARI NOVO".. },.. "explanationofflinedisabled": {.. "message": "Nimate vzpostavljene povezave. .e .elite uporabljati Google Dokumente brez internetne povezave, odprite nastavitve na doma.i strani Google Dokumentov in vklopite sinhronizacijo brez povezave, ko naslednji. vzpostavite internetno povezavo.".. },.. "explanationofflineenabled": {.. "message": "Nimate vzpostavljene povezave, vendar lahko .e vedno urejate razpolo.ljive datoteke ali ustvarjate nove.".. },.. "extdesc": {.. "message": "Urejajte, ustvarjajte in si ogledujte dokumente, preglednice in predstavitve . vse to brez internetnega dostopa.".. },.. "extname": {.. "message": "Google Dokumenti brez povezave".. },.. "learnmore": {.. "message": "Ve. o tem".. },.. "popuphelptext": {.. "message": "Pi.ite, urejajte in sodelujte, kjer koli ste, z internetno povezavo ali brez nje.".. }..}..

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\sr\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):1320
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.569671329405572
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:24:1HArg/fjQg2JwrfZtUWTrw1P4epMnRGi5TBmuPDRxZQ/XtiCw/Rwh/Q9EVz:ogUg2JwDZe6rwKI8VTP9xK1CwhI94
                                                                                                                                                                                                                                                                                                          MD5:7F5F8933D2D078618496C67526A2B066
                                                                                                                                                                                                                                                                                                          SHA1:B7050E3EFA4D39548577CF47CB119FA0E246B7A4
                                                                                                                                                                                                                                                                                                          SHA-256:4E8B69E864F57CDDD4DC4E4FAF2C28D496874D06016BC22E8D39E0CB69552769
                                                                                                                                                                                                                                                                                                          SHA-512:0FBAB56629368EEF87DEEF2977CA51831BEB7DEAE98E02504E564218425C751853C4FDEAA40F51ECFE75C633128B56AE105A6EB308FD5B4A2E983013197F5DBA
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "....... ....".. },.. "explanationofflinedisabled": {.. "message": "...... .... .. ..... ......... Google ......... ... ........ ...., ..... . .......... .. ........ ........ Google .......... . ........ ...... .............. ... ....... ... ...... ........ .. ...........".. },.. "explanationofflineenabled": {.. "message": "...... ..., ... . .... ...... .. ....... ...... . ........ ........ ... .. ....... .....".. },.. "extdesc": {.. "message": "....... . ........... ........., ...... . ............ . ....... ...... . ... . ... .. ... ........ .........".. },.. "extname": {.. "message

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\sv\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):884
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.627108704340797
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:24:1HA0NOYT/6McbnX/yzklyOIPRQrJlvDymvBd:vNOcyHnX/yg0P4Bymn
                                                                                                                                                                                                                                                                                                          MD5:90D8FB448CE9C0B9BA3D07FB8DE6D7EE
                                                                                                                                                                                                                                                                                                          SHA1:D8688CAC0245FD7B886D0DEB51394F5DF8AE7E84
                                                                                                                                                                                                                                                                                                          SHA-256:64B1E422B346AB77C5D1C77142685B3FF7661D498767D104B0C24CB36D0EB859
                                                                                                                                                                                                                                                                                                          SHA-512:6D58F49EE3EF0D3186EA036B868B2203FE936CE30DC8E246C32E90B58D9B18C624825419346B62AF8F7D61767DBE9721957280AA3C524D3A5DFB1A3A76C00742
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "SKAPA NYTT".. },.. "explanationofflinedisabled": {.. "message": "Du .r offline. Om du vill anv.nda Google Dokument utan internetuppkoppling, .ppna inst.llningarna p. Google Dokuments startsida och aktivera offlinesynkronisering n.sta g.ng du .r ansluten till internet.".. },.. "explanationofflineenabled": {.. "message": "Du .r offline, men det g.r fortfarande att redigera tillg.ngliga filer eller skapa nya.".. },.. "extdesc": {.. "message": "Redigera, skapa och visa dina dokument, kalkylark och presentationer . helt utan internet.tkomst.".. },.. "extname": {.. "message": "Google Dokument Offline".. },.. "learnmore": {.. "message": "L.s mer".. },.. "popuphelptext": {.. "message": "Skriv, redigera och samarbeta .verallt, med eller utan internetanslutning.".. }..}..

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\sw\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):980
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.50673686618174
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:12:1HASvgNHCBxNx1HMHyMhybK7QGU78oCuafIvfCBxex6EYPE5E1pOCSUJqONtCBh8:1HAGDQ3y0Q/Kjp/zhDoKMkeAT6dBaX
                                                                                                                                                                                                                                                                                                          MD5:D0579209686889E079D87C23817EDDD5
                                                                                                                                                                                                                                                                                                          SHA1:C4F99E66A5891973315D7F2BC9C1DAA524CB30DC
                                                                                                                                                                                                                                                                                                          SHA-256:0D20680B74AF10EF8C754FCDE259124A438DCE3848305B0CAF994D98E787D263
                                                                                                                                                                                                                                                                                                          SHA-512:D59911F91ED6C8FF78FD158389B4D326DAF4C031B940C399569FE210F6985E23897E7F404B7014FC7B0ACEC086C01CC5F76354F7E5D3A1E0DEDEF788C23C2978
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "FUNGUA MPYA".. },.. "explanationofflinedisabled": {.. "message": "Haupo mtandaoni. Ili uweze kutumia Hati za Google bila muunganisho wa intaneti, wakati utakuwa umeunganishwa kwenye intaneti, nenda kwenye sehemu ya mipangilio kwenye ukurasa wa kwanza wa Hati za Google kisha uwashe kipengele cha usawazishaji nje ya mtandao.".. },.. "explanationofflineenabled": {.. "message": "Haupo mtandaoni, lakini bado unaweza kubadilisha faili zilizopo au uunde mpya.".. },.. "extdesc": {.. "message": "Badilisha, unda na uangalie hati, malahajedwali na mawasilisho yako . yote bila kutumia muunganisho wa intaneti.".. },.. "extname": {.. "message": "Hati za Google Nje ya Mtandao".. },.. "learnmore": {.. "message": "Pata Maelezo Zaidi".. },.. "popuphelptext": {.. "message": "Andika hati, zibadilishe na ushirikiane na wengine popote ulipo, iwe una muunganisho wa intaneti au huna.".. }..}..

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\ta\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):1941
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.132139619026436
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:24:1HAoTZwEj3YfVLiANpx96zjlXTwB4uNJDZwq3CP1B2xIZiIH1CYFIZ03SoFyxrph:JCEjWiAD0ZXkyYFyPND1L/I
                                                                                                                                                                                                                                                                                                          MD5:DCC0D1725AEAEAAF1690EF8053529601
                                                                                                                                                                                                                                                                                                          SHA1:BB9D31859469760AC93E84B70B57909DCC02EA65
                                                                                                                                                                                                                                                                                                          SHA-256:6282BF9DF12AD453858B0B531C8999D5FD6251EB855234546A1B30858462231A
                                                                                                                                                                                                                                                                                                          SHA-512:6243982D764026D342B3C47C706D822BB2B0CAFFA51F0591D8C878F981EEF2A7FC68B76D012630B1C1EB394AF90EB782E2B49329EB6538DD5608A7F0791FDCF5
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "..... ....... .........".. },.. "explanationofflinedisabled": {.. "message": ".......... ........... .... ....... ..... Google ......... .........., ...... .... ........... ......... ...., Google ... ................... ................ ......, ........ ......... ..........".. },.. "explanationofflineenabled": {.. "message": ".......... ..........., .......... .......... .......... ......... ........... ...... .....

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\te\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):1969
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.327258153043599
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:48:R7jQrEONienBcFNBNieCyOBw0/kCcj+sEf24l+Q+u1LU4ljCj55ONipR41ssrNix:RjQJN1nBcFNBNlCyGcj+RXl+Q+u1LU4s
                                                                                                                                                                                                                                                                                                          MD5:385E65EF723F1C4018EEE6E4E56BC03F
                                                                                                                                                                                                                                                                                                          SHA1:0CEA195638A403FD99BAEF88A360BD746C21DF42
                                                                                                                                                                                                                                                                                                          SHA-256:026C164BAE27DBB36A564888A796AA3F188AAD9E0C37176D48910395CF772CEA
                                                                                                                                                                                                                                                                                                          SHA-512:E55167CB5638E04DF3543D57C8027B86B9483BFCAFA8E7C148EDED66454AEBF554B4C1CF3C33E93EC63D73E43800D6A6E7B9B1A1B0798B6BDB2F699D3989B052
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "..... ...... ........ ......".. },.. "explanationofflinedisabled": {.. "message": ".... ........... ........ ......... ........ ....... Google Docs... .............., .... ............ ....... ..... ...... .... Google Docs .... ...... ............. ......, ........ ........ ... .......".. },.. "explanationofflineenabled": {.. "message": ".... ........... ......., .... .... ........ .......... .... ....... ..... ....... .... ..

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\th\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):1674
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.343724179386811
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:48:fcGjnU3UnGKD1GeU3pktOggV1tL2ggG7Q:f3jnDG1eUk0g6RLE
                                                                                                                                                                                                                                                                                                          MD5:64077E3D186E585A8BEA86FF415AA19D
                                                                                                                                                                                                                                                                                                          SHA1:73A861AC810DABB4CE63AD052E6E1834F8CA0E65
                                                                                                                                                                                                                                                                                                          SHA-256:D147631B2334A25B8AA4519E4A30FB3A1A85B6A0396BC688C68DC124EC387D58
                                                                                                                                                                                                                                                                                                          SHA-512:56DD389EB9DD335A6214E206B3BF5D63562584394D1DE1928B67D369E548477004146E6CB2AD19D291CB06564676E2B2AC078162356F6BC9278B04D29825EF0C
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": ".........".. },.. "explanationofflinedisabled": {.. "message": ".............. ............. Google .................................... ............................... Google ...... .................................................................".. },.. "explanationofflineenabled": {.. "message": "................................................................".. },.. "extdesc": {.. "message": "..... ..... ........

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\tr\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):1063
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.853399816115876
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:24:1HAowYuBPgoMC4AGehrgGm7tJ3ckwFrXnRs5m:GYsPgrCtGehkGc3cvXr
                                                                                                                                                                                                                                                                                                          MD5:76B59AAACC7B469792694CF3855D3F4C
                                                                                                                                                                                                                                                                                                          SHA1:7C04A2C1C808FA57057A4CCEEE66855251A3C231
                                                                                                                                                                                                                                                                                                          SHA-256:B9066A162BEE00FD50DC48C71B32B69DFFA362A01F84B45698B017A624F46824
                                                                                                                                                                                                                                                                                                          SHA-512:2E507CA6874DE8028DC769F3D9DFD9E5494C268432BA41B51568D56F7426F8A5F2E5B111DDD04259EB8D9A036BB4E3333863A8FC65AAB793BCEF39EDFE41403B
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "YEN. OLU.TUR".. },.. "explanationofflinedisabled": {.. "message": ".nternet'e ba.l. de.ilsiniz. Google Dok.manlar'. .nternet ba.lant.s. olmadan kullanmak i.in, .nternet'e ba.lanabildi.inizde Google Dok.manlar ana sayfas.nda Ayarlar'a gidin ve .evrimd... senkronizasyonu etkinle.tirin.".. },.. "explanationofflineenabled": {.. "message": ".nternet'e ba.l. de.ilsiniz. Ancak, yine de mevcut dosyalar. d.zenleyebilir veya yeni dosyalar olu.turabilirsiniz.".. },.. "extdesc": {.. "message": "Dok.man, e-tablo ve sunu olu.turun, bunlar. d.zenleyin ve g.r.nt.leyin. T.m bu i.lemleri internet eri.imi olmadan yapabilirsiniz.".. },.. "extname": {.. "message": "Google Dok.manlar .evrimd...".. },.. "learnmore": {.. "message": "Daha Fazla Bilgi".. },.. "popuphelptext": {.. "message": ".nternet ba.lant.n.z olsun veya olmas.n, nerede olursan.z olun yaz.n, d.zenl

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\uk\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):1333
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.686760246306605
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:24:1HAk9oxkm6H4KyGGB9GeGoxPEYMQhpARezTtHUN97zlwpEH7:VKU1GB9GeBc/OARETt+9/WCb
                                                                                                                                                                                                                                                                                                          MD5:970963C25C2CEF16BB6F60952E103105
                                                                                                                                                                                                                                                                                                          SHA1:BBDDACFEEE60E22FB1C130E1EE8EFDA75EA600AA
                                                                                                                                                                                                                                                                                                          SHA-256:9FA26FF09F6ACDE2457ED366C0C4124B6CAC1435D0C4FD8A870A0C090417DA19
                                                                                                                                                                                                                                                                                                          SHA-512:1BED9FE4D4ADEED3D0BC8258D9F2FD72C6A177C713C3B03FC6F5452B6D6C2CB2236C54EA972ECE7DBFD756733805EB2352CAE44BAB93AA8EA73BB80460349504
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "........".. },.. "explanationofflinedisabled": {.. "message": ".. . ...... ....... ... ............. Google ........... ... ......... . .........., ......... . ............ .. ........ ........ Google .......... . ......... ......-............., .... ...... . .......".. },.. "explanationofflineenabled": {.. "message": ".. . ...... ......, ..... ... .... ...... .......... ........ ..... ... .......... .....".. },.. "extdesc": {.. "message": "........., ......... . ............ ........., .......... ....... .. ........... ... ....... .. ..........".. },.. "extname": {.. "message": "Goo

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\ur\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):1263
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.861856182762435
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:24:1HAl3zNEUhN3mNjkSIkmdNpInuUVsqNtOJDhY8Dvp/IkLzx:e3uUhQKvkmd+s11Lp1F
                                                                                                                                                                                                                                                                                                          MD5:8B4DF6A9281333341C939C244DDB7648
                                                                                                                                                                                                                                                                                                          SHA1:382C80CAD29BCF8AAF52D9A24CA5A6ECF1941C6B
                                                                                                                                                                                                                                                                                                          SHA-256:5DA836224D0F3A96F1C5EB5063061AAD837CA9FC6FED15D19C66DA25CF56F8AC
                                                                                                                                                                                                                                                                                                          SHA-512:FA1C015D4EA349F73468C78FDB798D462EEF0F73C1A762298798E19F825E968383B0A133E0A2CE3B3DF95F24C71992235BFC872C69DC98166B44D3183BF8A9E5
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "... ......".. },.. "explanationofflinedisabled": {.. "message": ".. .. .... .... Google Docs .. .... ....... ..... ....... .... ..... .... ... .. .. ....... .. ..... ... .. Google Docs ... ... .. ....... .. ..... ... .. .... ...... ..... .. .. .....".. },.. "explanationofflineenabled": {.. "message": ".. .. .... ... .... .. ... ... ...... ..... ... ..... .. .... ... .. ... ..... ... .... ....".. },.. "extdesc": {.. "message": ".......... .......... ... ....... . .... ... ....... .. ..... .. .... ...... ..... .... ... ..... .......".. },.. "extname": {.. "message": "Google Docs .. ....".. },.. "learnmore": {..

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\vi\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):1074
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.062722522759407
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:24:1HAhBBLEBOVUSUfE+eDFmj4BLErQ7e2CIer32KIxqJ/HtNiE5nIGeU+KCVT:qHCDheDFmjDQgX32/S/hI9jh
                                                                                                                                                                                                                                                                                                          MD5:773A3B9E708D052D6CBAA6D55C8A5438
                                                                                                                                                                                                                                                                                                          SHA1:5617235844595D5C73961A2C0A4AC66D8EA5F90F
                                                                                                                                                                                                                                                                                                          SHA-256:597C5F32BC999746BC5C2ED1E5115C523B7EB1D33F81B042203E1C1DF4BBCAFE
                                                                                                                                                                                                                                                                                                          SHA-512:E5F906729E38B23F64D7F146FA48F3ABF6BAED9AAFC0E5F6FA59F369DC47829DBB4BFA94448580BD61A34E844241F590B8D7AEC7091861105D8EBB2590A3BEE9
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "T.O M.I".. },.. "explanationofflinedisabled": {.. "message": "B.n .ang ngo.i tuy.n. .. s. d.ng Google T.i li.u m. kh.ng c.n k.t n.i Internet, .i ..n c.i ..t tr.n trang ch. c.a Google T.i li.u v. b.t ..ng b. h.a ngo.i tuy.n v.o l.n ti.p theo b.n ...c k.t n.i v.i m.ng Internet.".. },.. "explanationofflineenabled": {.. "message": "B.n .ang ngo.i tuy.n, tuy nhi.n b.n v.n c. th. ch.nh s.a c.c t.p c. s.n ho.c t.o c.c t.p m.i.".. },.. "extdesc": {.. "message": "Ch.nh s.a, t.o v. xem t.i li.u, b.ng t.nh v. b.n tr.nh b.y . t.t c. m. kh.ng c.n truy c.p Internet.".. },.. "extname": {.. "message": "Google T.i li.u ngo.i tuy.n".. },.. "learnmore": {.. "message": "Ti.m hi..u th.m".. },.. "popuphelptext": {.. "message": "Vi.t, ch.nh s.a v. c.ng t.c

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\zh_CN\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):879
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.7905809868505544
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:12:1HASvgteHCBxNtSBXuetOrgIkA2OrWjMOCBxetSBXK01fg/SOiCSUEQ27e1CBhUj:1HAFsHtrIkA2jqldI/727eggcLk9pf
                                                                                                                                                                                                                                                                                                          MD5:3E76788E17E62FB49FB5ED5F4E7A3DCE
                                                                                                                                                                                                                                                                                                          SHA1:6904FFA0D13D45496F126E58C886C35366EFCC11
                                                                                                                                                                                                                                                                                                          SHA-256:E72D0BB08CC3005556E95A498BD737E7783BB0E56DCC202E7D27A536616F5EE0
                                                                                                                                                                                                                                                                                                          SHA-512:F431E570AB5973C54275C9EEF05E49E6FE2D6C17000F98D672DD31F9A1FAD98E0D50B5B0B9CF85D5BBD3B655B93FD69768C194C8C1688CB962AA75FF1AF9BDB6
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "..".. },.. "explanationofflinedisabled": {.. "message": "....................... Google ................ Google ....................".. },.. "explanationofflineenabled": {.. "message": ".............................".. },.. "extdesc": {.. "message": "...................... - ........".. },.. "extname": {.. "message": "Google .......".. },.. "learnmore": {.. "message": "....".. },.. "popuphelptext": {.. "message": "...............................".. }..}..

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\zh_HK\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):1205
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.50367724745418
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:24:YWvqB0f7Cr591AhI9Ah8U1F4rw4wtB9G976d6BY9scKUrPoAhNehIrI/uIXS1:YWvl7Cr5JHrw7k7u6BY9trW+rHR
                                                                                                                                                                                                                                                                                                          MD5:524E1B2A370D0E71342D05DDE3D3E774
                                                                                                                                                                                                                                                                                                          SHA1:60D1F59714F9E8F90EF34138D33FBFF6DD39E85A
                                                                                                                                                                                                                                                                                                          SHA-256:30F44CFAD052D73D86D12FA20CFC111563A3B2E4523B43F7D66D934BA8DACE91
                                                                                                                                                                                                                                                                                                          SHA-512:D2225CF2FA94B01A7B0F70A933E1FDCF69CDF92F76C424CE4F9FCC86510C481C9A87A7B71F907C836CBB1CA41A8BEBBD08F68DBC90710984CA738D293F905272
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{"createnew":{"message":"\u5efa\u7acb\u65b0\u9805\u76ee"},"explanationofflinedisabled":{"message":"\u60a8\u8655\u65bc\u96e2\u7dda\u72c0\u614b\u3002\u5982\u8981\u5728\u6c92\u6709\u4e92\u806f\u7db2\u9023\u7dda\u7684\u60c5\u6cc1\u4e0b\u4f7f\u7528\u300cGoogle \u6587\u4ef6\u300d\uff0c\u8acb\u524d\u5f80\u300cGoogle \u6587\u4ef6\u300d\u9996\u9801\u7684\u8a2d\u5b9a\uff0c\u4e26\u5728\u4e0b\u6b21\u9023\u63a5\u4e92\u806f\u7db2\u6642\u958b\u555f\u96e2\u7dda\u540c\u6b65\u529f\u80fd\u3002"},"explanationofflineenabled":{"message":"\u60a8\u8655\u65bc\u96e2\u7dda\u72c0\u614b\uff0c\u4f46\u60a8\u4ecd\u53ef\u4ee5\u7de8\u8f2f\u53ef\u7528\u6a94\u6848\u6216\u5efa\u7acb\u65b0\u6a94\u6848\u3002"},"extdesc":{"message":"\u7de8\u8f2f\u3001\u5efa\u7acb\u53ca\u67e5\u770b\u60a8\u7684\u6587\u4ef6\u3001\u8a66\u7b97\u8868\u548c\u7c21\u5831\uff0c\u5b8c\u5168\u4e0d\u9700\u4f7f\u7528\u4e92\u806f\u7db2\u3002"},"extname":{"message":"\u300cGoogle \u6587\u4ef6\u300d\u96e2\u7dda\u7248"},"learnmore":{"message":"\u77ad\u89e3\u8a

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\zh_TW\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):843
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.76581227215314
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:12:1HASvgmaCBxNtBtA24ZOuAeOEHGOCBxetBtMHQIJECSUnLRNocPNy6CBhU5OGg1O:1HAEfQkekYyLvRmcPGgzcL2kx5U
                                                                                                                                                                                                                                                                                                          MD5:0E60627ACFD18F44D4DF469D8DCE6D30
                                                                                                                                                                                                                                                                                                          SHA1:2BFCB0C3CA6B50D69AD5745FA692BAF0708DB4B5
                                                                                                                                                                                                                                                                                                          SHA-256:F94C6DDEDF067642A1AF18D629778EC65E02B6097A8532B7E794502747AEB008
                                                                                                                                                                                                                                                                                                          SHA-512:6FF517EED4381A61075AC7C8E80C73FAFAE7C0583BA4FA7F4951DD7DBE183C253702DEE44B3276EFC566F295DAC1592271BE5E0AC0C7D2C9F6062054418C7C27
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": ".....".. },.. "explanationofflinedisabled": {.. "message": ".................. Google ................ Google .................".. },.. "explanationofflineenabled": {.. "message": ".........................".. },.. "extdesc": {.. "message": ".............................".. },.. "extname": {.. "message": "Google .....".. },.. "learnmore": {.. "message": "....".. },.. "popuphelptext": {.. "message": "................................".. }..}..

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_locales\zu\messages.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):912
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.65963951143349
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:24:YlMBKqLnI7EgBLWFQbTQIF+j4h3OadMJzLWnCieqgwLeOvKrCRPE:YlMBKqjI7EQOQb0Pj4heOWqeyaBrMPE
                                                                                                                                                                                                                                                                                                          MD5:71F916A64F98B6D1B5D1F62D297FDEC1
                                                                                                                                                                                                                                                                                                          SHA1:9386E8F723C3F42DA5B3F7E0B9970D2664EA0BAA
                                                                                                                                                                                                                                                                                                          SHA-256:EC78DDD4CCF32B5D76EC701A20167C3FBD146D79A505E4FB0421FC1E5CF4AA63
                                                                                                                                                                                                                                                                                                          SHA-512:30FA4E02120AF1BE6E7CC7DBB15FAE5D50825BD6B3CF28EF21D2F2E217B14AF5B76CFCC165685C3EDC1D09536BFCB10CA07E1E2CC0DA891CEC05E19394AD7144
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{"createnew":{"message":"DALA ENTSHA"},"explanationofflinedisabled":{"message":"Awuxhunyiwe ku-inthanethi. Ukuze usebenzise i-Google Amadokhumenti ngaphandle koxhumano lwe-inthanethi, iya kokuthi izilungiselelo ekhasini lasekhaya le-Google Amadokhumenti bese uvula ukuvumelanisa okungaxhunyiwe ku-inthanethi ngesikhathi esilandelayo lapho uxhunywe ku-inthanethi."},"explanationofflineenabled":{"message":"Awuxhunyiwe ku-inthanethi, kodwa usangakwazi ukuhlela amafayela atholakalayo noma udale amasha."},"extdesc":{"message":"Hlela, dala, futhi ubuke amadokhumenti akho, amaspredishithi, namaphrezentheshini \u2014 konke ngaphandle kokufinyelela kwe-inthanethi."},"extname":{"message":"I-Google Amadokhumenti engaxhumekile ku-intanethi"},"learnmore":{"message":"Funda kabanzi"},"popuphelptext":{"message":"Bhala, hlela, futhi hlanganyela noma yikuphi lapho okhona, unalo noma ungenalo uxhumano lwe-inthanethi."}}.

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\_metadata\verified_contents.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):11280
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.751992630887702
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:192:RBG1G1UPkUj/86Op//Ier/2nsNLJtwg+K8HNnswuHEIIMuuqd7CKqvUpGTcjG:m8IEI4u8Rp
                                                                                                                                                                                                                                                                                                          MD5:250C48F4915DD4C0DFA7E7E021A4F066
                                                                                                                                                                                                                                                                                                          SHA1:092A98BF40D8C18280393BF3811A7DFA9A9FD326
                                                                                                                                                                                                                                                                                                          SHA-256:26D9B129339E2E2EB8E0223E16DB3CF0EA220AC0799480D462C236E6A425665E
                                                                                                                                                                                                                                                                                                          SHA-512:8B18E232992E55E8DA97AC46D7AACA061508341D1EADCEFF1E9D0677734DFA8B892AB44754A3AA100585F5B2F2562BC4F2D7103065050FFCD00F91D5915CE5E6
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:[{"description":"treehash per file","signed_content":{"payload":"eyJjb250ZW50X2hhc2hlcyI6W3siYmxvY2tfc2l6ZSI6NDA5NiwiZGlnZXN0Ijoic2hhMjU2IiwiZmlsZXMiOlt7InBhdGgiOiIxMjgucG5nIiwicm9vdF9oYXNoIjoiZ2NWZy0xWWgySktRNVFtUmtjZGNmamU1dzVIc1JNN1ZCTmJyaHJ4eGZ5ZyJ9LHsicGF0aCI6Il9sb2NhbGVzL2FmL21lc3NhZ2VzLmpzb24iLCJyb290X2hhc2giOiJxaElnV3hDSFVNLWZvSmVFWWFiWWlCNU9nTm9ncUViWUpOcEFhZG5KR0VjIn0seyJwYXRoIjoiX2xvY2FsZXMvYW0vbWVzc2FnZXMuanNvbiIsInJvb3RfaGFzaCI6IlpPQWJ3cEs2THFGcGxYYjh4RVUyY0VkU0R1aVY0cERNN2lEQ1RKTTIyTzgifSx7InBhdGgiOiJfbG9jYWxlcy9hci9tZXNzYWdlcy5qc29uIiwicm9vdF9oYXNoIjoiUjJVaEZjdTVFcEJfUUZtU19QeGstWWRrSVZqd3l6WEoxdURVZEMyRE9BSSJ9LHsicGF0aCI6Il9sb2NhbGVzL2F6L21lc3NhZ2VzLmpzb24iLCJyb290X2hhc2giOiJZVVJ3Mmp4UU5Lem1TZkY0YS1xcTBzbFBSSFc4eUlXRGtMY2g4Ry0zdjJRIn0seyJwYXRoIjoiX2xvY2FsZXMvYmUvbWVzc2FnZXMuanNvbiIsInJvb3RfaGFzaCI6IjNmRm9XYUZmUHJNelRXSkJsMXlqbUlyRDZ2dzlsa1VxdzZTdjAyUk1oVkEifSx7InBhdGgiOiJfbG9jYWxlcy9iZy9tZXNzYWdlcy5qc29uIiwicm9vdF9oYXNoIjoiSXJ3M3RIem9xREx6bHdGa0hjTllOWFoyNmI0WWVwT2t4ZFN

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\dasherSettingSchema.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):854
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.284628987131403
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:12:ont+QByTwnnGNcMbyWM+Q9TZldnnnGGxlF/S0WOtUL0M0r:vOrGe4dDCVGOjWJ0nr
                                                                                                                                                                                                                                                                                                          MD5:4EC1DF2DA46182103D2FFC3B92D20CA5
                                                                                                                                                                                                                                                                                                          SHA1:FB9D1BA3710CF31A87165317C6EDC110E98994CE
                                                                                                                                                                                                                                                                                                          SHA-256:6C69CE0FE6FAB14F1990A320D704FEE362C175C00EB6C9224AA6F41108918CA6
                                                                                                                                                                                                                                                                                                          SHA-512:939D81E6A82B10FF73A35C931052D8D53D42D915E526665079EEB4820DF4D70F1C6AEBAB70B59519A0014A48514833FEFD687D5A3ED1B06482223A168292105D
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{. "type": "object",. "properties": {. "allowedDocsOfflineDomains": {. "type": "array",. "items": {. "type": "string". },. "title": "Allow users to enable Docs offline for the specified managed domains.",. "description": "Users on managed devices will be able to enable docs offline if they are part of the specified managed domains.". },. "autoEnabledDocsOfflineDomains": {. "type": "array",. "items": {. "type": "string". },. "title": "Auto enable Docs offline for the specified managed domains in certain eligible situations.",. "description": "Users on managed devices, in certain eligible situations, will be able to automatically access and edit recent files offline for the managed domains set in this property. They can still disable it from Drive settings.". }. }.}.

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\manifest.json

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):2525
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.417833205646285
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:24:1HEZ4WPoolELb/KxktGw3VwELb/4iL2QDkUpvdz1xxy/Atj1K9yiVvQe:WdP5aLTKQGwlTLT4oRvvxs/APKgiVb
                                                                                                                                                                                                                                                                                                          MD5:236D2DD305D64C2B6ABD232ED53270DF
                                                                                                                                                                                                                                                                                                          SHA1:9F6885E95FBC4213631F0B0EA49C803D07D34136
                                                                                                                                                                                                                                                                                                          SHA-256:2A4D526B9D1C8665427FB9E0DA58D16FDDE382DD74C1258941B18701EF7880C3
                                                                                                                                                                                                                                                                                                          SHA-512:B76AF22153F79BCA2429A23746A62A430A521E952E7F94936648ECFD25AFDD9801ACBF6FD16941918A4FEDE39DE747AB6C6336BC86CA74384920AF7E815DB855
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:{.. "author": {.. "email": "docs-hosted-app-own@google.com".. },.. "background": {.. "service_worker": "service_worker_bin_prod.js".. },.. "content_capabilities": {.. "matches": [ "https://docs.google.com/*", "https://drive.google.com/*", "https://drive-autopush.corp.google.com/*", "https://drive-daily-0.corp.google.com/*", "https://drive-daily-1.corp.google.com/*", "https://drive-daily-2.corp.google.com/*", "https://drive-daily-3.corp.google.com/*", "https://drive-daily-4.corp.google.com/*", "https://drive-daily-5.corp.google.com/*", "https://drive-daily-6.corp.google.com/*", "https://drive-preprod.corp.google.com/*", "https://drive-staging.corp.google.com/*" ],.. "permissions": [ "clipboardRead", "clipboardWrite", "unlimitedStorage" ].. },.. "content_security_policy": {.. "extension_pages": "script-src 'self'; object-src 'self'".. },.. "default_locale": "en_US",.. "description": "__MSG_extDesc__",.. "externally_connectable": {.. "ma

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\offscreendocument.html

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:HTML document, ASCII text
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):97
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.862433271815736
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3:PouV7uJL5XL/oGLvLAAJR90bZNGXIL0Hac4NGb:hxuJL5XsOv0EmNV4HX4Qb
                                                                                                                                                                                                                                                                                                          MD5:B747B5922A0BC74BBF0A9BC59DF7685F
                                                                                                                                                                                                                                                                                                          SHA1:7BF124B0BE8EE2CFCD2506C1C6FFC74D1650108C
                                                                                                                                                                                                                                                                                                          SHA-256:B9FA2D52A4FFABB438B56184131B893B04655B01F336066415D4FE839EFE64E7
                                                                                                                                                                                                                                                                                                          SHA-512:7567761BE4054FCB31885E16D119CD4E419A423FFB83C3B3ED80BFBF64E78A73C2E97AAE4E24AB25486CD1E43877842DB0836DB58FBFBCEF495BC53F9B2A20EC
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:<!DOCTYPE html>.<html>.<body>. <script src="offscreendocument_main.js"></script>.</body>.</html>

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\offscreendocument_main.js

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (3777)
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):98880
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.414989230634404
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:1536:M+TW9bPq1M3ZOC0pJ/BjXf3Zk/7hry6fq66V3gr9KUw5SXfPxhZhGurH6c/V:WPLZwJJXf3ZvRV3gJKU/fP+urHRV
                                                                                                                                                                                                                                                                                                          MD5:DC93A1045D1AD8D7ADD06B93B2FE79E2
                                                                                                                                                                                                                                                                                                          SHA1:CAFCC8DB7F8E3FD2F8C1EFAC7B385D7616F55EA3
                                                                                                                                                                                                                                                                                                          SHA-256:D5CEB4449384CD2D7898C052B7B99417961880945FC4EAE80EBBAF8E24CC0A3E
                                                                                                                                                                                                                                                                                                          SHA-512:025F7103D1F7D607825BE916D0131C1E04B295EB562974A77F5A16E7BF40250B5608071779B420E4738F86F09A6F7C889469FA898268894FFFEEB7465C589E81
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:'use strict';function aa(){return function(a){return a}}function ba(){return function(){}}function l(a){return function(){return this[a]}}function ca(a){return function(){return a}}var n;function da(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}}var ea=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype||a==Object.prototype)return a;a[b]=c.value;return a};.function fa(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");}var q=fa(this);function r(a,b){if(b)a:{var c=q;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&b!=null&&ea(c,a,{configurable:!0,writable:!0,value:b})}}.r("Symbol",function(a){function b(f){if(this instanceof b)throw new Ty

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\page_embed_script.js

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):291
                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.65176400421739
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:6:2LGX86tj66rU8j6D3bWq2un/XBtzHrH9Mnj63LK603:2Q8KVqb2u/Rt3Onj1
                                                                                                                                                                                                                                                                                                          MD5:3AB0CD0F493B1B185B42AD38AE2DD572
                                                                                                                                                                                                                                                                                                          SHA1:079B79C2ED6F67B5A5BD9BC8C85801F96B1B0F4B
                                                                                                                                                                                                                                                                                                          SHA-256:73E3888CCBC8E0425C3D2F8D1E6A7211F7910800EEDE7B1E23AD43D3B21173F7
                                                                                                                                                                                                                                                                                                          SHA-512:32F9DB54654F29F39D49F7A24A1FC800DBC0D4A8A1BAB2369C6F9799BC6ADE54962EFF6010EF6D6419AE51D5B53EC4B26B6E2CDD98DEF7CC0D2ADC3A865F37D3
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:(function(){window._docs_chrome_extension_exists=!0;window._docs_chrome_extension_features_version=2;window._docs_chrome_extension_permissions="alarms clipboardRead clipboardWrite storage unlimitedStorage offscreen".split(" ");window._docs_chrome_extension_manifest_version=3;}).call(this);.

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\CRX_INSTALL\service_worker_bin_prod.js

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (3782)
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):107677
                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.396220758526552
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:1536:7nwyvB1qCo7mWUgsUopF5Xy4FlAwxdhvHcrdncqAKxwjBnKwIDQgrOChkPIgmrCp:wh6gstXy4FM5ncJKxCnKWgrd0v
                                                                                                                                                                                                                                                                                                          MD5:E8015AC436B33034EDF7DA060E853A04
                                                                                                                                                                                                                                                                                                          SHA1:62D0F6EB0E441158A1F56F6E0C70D3D229B57886
                                                                                                                                                                                                                                                                                                          SHA-256:23C953E989FF4AF6126D4A3B2AD21B33A82512FC8768045C00F05940DE2C9978
                                                                                                                                                                                                                                                                                                          SHA-512:C35AC8692FC22B78365CA202E173A90AE4B5DBA338B7FC9EEB17EDDF5868B52CF1D13DC0EDAF36BE1CC0E0152F41AC4027C51D7ECA27778B483E3FC83F11EA82
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:'use strict';function aa(){return function(a){return a}}function ba(){return function(){}}function k(a){return function(){return this[a]}}function ca(a){return function(){return a}}var n;function da(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}}var ea=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype||a==Object.prototype)return a;a[b]=c.value;return a};.function fa(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");}var q=fa(this);function r(a,b){if(b)a:{var c=q;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&b!=null&&ea(c,a,{configurable:!0,writable:!0,value:b})}}.r("Symbol",function(a){function b(f){if(this instanceof b)throw new Ty

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir8856_160226559\aea9f42a-5c46-4c7a-b198-11b9aff3cd77.tmp

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          File Type:Google Chrome extension, version 3
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):138356
                                                                                                                                                                                                                                                                                                          Entropy (8bit):7.809609231921042
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:3072:AQ++ZdS5+fnwcxO+XwquyeNnmraugZ/1DOoncWD/5q:AQ++/PZmlyeNnh/1SmRq
                                                                                                                                                                                                                                                                                                          MD5:3F6F93C3DCCD4A91C4EB25C7F6FEB1C1
                                                                                                                                                                                                                                                                                                          SHA1:9B73F46ADFA1F4464929B408407E73D4535C6827
                                                                                                                                                                                                                                                                                                          SHA-256:19F05352CB4C6E231C1C000B6C8B7E9EDCC1E8082CAF46FFF16B239D32AA7C9E
                                                                                                                                                                                                                                                                                                          SHA-512:D488FA67E3A29D0147E9EAF2EABC74D9A255F8470CF79A4AEA60E3B3B5E48A3FCBC4FC3E9CE58DFF8D7D0CAA8AE749295F221E1FE1BA5D20DEB2D97544A12BA4
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:Cr24..............0.."0...*.H.............0.........^...1"...w.g..t..2J.G1.)X4..=&.?[j,Lz..j.u.e[I.q*Ba/X...P.h..L.....2%3_o.......H.)'.=.e...?.......j..3UH.|.X.M..u..s[.*..?$....F%....I....)..,-./.e5).f..O.q.^........9..(.._.ph2..^.YBPXf_8....h[.v...S.*1`.#..5.SF.:f-.#.65.i..b.]9...y2.'....k[........q.a.....E..i.t,..7C..7!...`l.-.......T.vH...~.....'..aH..C.oJOE..d..2..$J......I..;.(9l.(..+.N.6.@...].a.n.S.6..=.b.W.\....o...#.~J.W.1..E...2H....S.g0....../.H...y.O8...kE.,..m!..F.D.p......H..s.W ...#.L........Ij.........-..n..\..vD.d.V.....!......[0Y0...*.H.=....*.H.=....B..............r...2..+Y.I...k..bR.j5Sl..8.......H"i.-l..`.Q.{...F0D. ?Eq.M...[6^...+.].G..Y]...7..o.. U...v....P.J...@.E!...B.d..p..i".%............oo.<....~=..!t.+...`....h..LK....0....h...,.R%.....u...._..V_.q:_._..5}.uS\.....x?...~]..C-....S=L...._c.P.B....-M...62.i*.Q.....9.....+S=...../6:...W..ql/g..&j.y..{.."....|..F....|....V....w.%t.y..?..&..a..<.n....S+|..=.ra.....

                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\[Unknown IP][Unknown CC]08-58-10-22-11-24.zip

                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          File Type:Zip archive data, at least v2.0 to extract, compression method=deflate
                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                          Size (bytes):10766
                                                                                                                                                                                                                                                                                                          Entropy (8bit):7.960697952668662
                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                          SSDEEP:192:tMe8p1WnnF+OV3+k2PoVHXlI+XgDBoww2pioQWbE7SGy:2J1AF+OVOPUVI+Oiww2pmT+n
                                                                                                                                                                                                                                                                                                          MD5:84AEE958B1DBE56226480181926BE84D
                                                                                                                                                                                                                                                                                                          SHA1:87DD60EB9ADDE7ACB1F13F05A4B259F74C7A54BF
                                                                                                                                                                                                                                                                                                          SHA-256:7F5639F8728F761D5F02C0613ABDA76BEE0E1AB8CFAA2FEAB065F2FED3B047B8
                                                                                                                                                                                                                                                                                                          SHA-512:C5062C578350F9D5A4D5AEBBADA2593F3D783D068246D551ABC7CF7BCDC0CAC4A21C2681591BEAA2B17C22CF947B004015743D1BB5241BEB188B4F60A81E8FF7
                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                          Preview:PK.........9vY....(...M......Info.txt.}ys.8....Q.....S..A...3....k..>.v..%..+.........I........"..e&..H.0....{M.`.:.}...,.....A?.?..(@.=....%.8N.C$.....L....(.b..P|.~.1.......Q..D..2......:.4.U-.6.)PW1.]6lA.Lj...X3~..8.....=.\.Ct.F..9E"F.$F.....}..>.C.$....c*..k..tw....O.}Q..V..b............Q..a.....y......2..i:..t.&.~?.$Ar.d..*....oAo.......!..gOC..w*?f..;DW.k..}.....N..7..O.(...%.K.:../... ....i..u.,.~9...8..\t..d....`..."..........._...#...42..Fq.z.4Q'].......C.n..3oE....z.C.BTx.I...`.u...%....E.!.g.....).g... Ia>...DRv..as<.....s.=..i...x..*... Av.33.]....1.{..Q6..b.7..x..........I>h..n..}?.rf....a?...>CG.?~..):~.K.A.....s..6l?...Qfz...{..b..C..8...]MT......2..`.?....O.x`!H....J.C..].wH<D..I.z...4IY$...4....?.c..1L.>r.w...../..0....z.2.0.3.4H.'...'.hjI...." ./.2...d..'..U<.O)z...0.rD0........O..`C.......fz....8..8.aNGin.....D.I.6wl..|..)..&..$x....}....E_. .;.Z6..|....;.&y.....on.^8A}....y....l(....X.\.v....b..c....n....../..#3(..H......

                                                                                                                                                                                                                                                                                                          Static File Info

                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                          File type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                          Entropy (8bit):7.996512433957003
                                                                                                                                                                                                                                                                                                          TrID:
                                                                                                                                                                                                                                                                                                          • Win64 Executable GUI (202006/5) 92.65%
                                                                                                                                                                                                                                                                                                          • Win64 Executable (generic) (12005/4) 5.51%
                                                                                                                                                                                                                                                                                                          • Generic Win/DOS Executable (2004/3) 0.92%
                                                                                                                                                                                                                                                                                                          • DOS Executable Generic (2002/1) 0.92%
                                                                                                                                                                                                                                                                                                          • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
                                                                                                                                                                                                                                                                                                          File name:file.exe
                                                                                                                                                                                                                                                                                                          File size:13'960'143 bytes
                                                                                                                                                                                                                                                                                                          MD5:2dbf5e00223bd7d14ca7ed7be362866f
                                                                                                                                                                                                                                                                                                          SHA1:034858ad907ea7bc24a77e51140d3b97efd7ab21
                                                                                                                                                                                                                                                                                                          SHA256:dc88cca0c72a2d4c7f1bc6dcbea6e36825270ed11e34c08f80ee22fb146ca31f
                                                                                                                                                                                                                                                                                                          SHA512:e400087661f32adf1626c166c178638b3eb1d9d064f1d1e7547d802bc8c718d555e11fafb226b6e3ba9d4801ee3040054164680813f75c243bec18c2a3a18789
                                                                                                                                                                                                                                                                                                          SSDEEP:393216:V9YiZ+XMCHWUjccuICvR/P0vKfXmsg8YiZdo:V9YiZ+XMb8JE/svKOudo
                                                                                                                                                                                                                                                                                                          TLSH:51E6330857E009DBD9F24438DEA7A569D5BAB8761B71C34F83B863611FA71C08D39A33
                                                                                                                                                                                                                                                                                                          File Content Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......n=..*\.Z*\.Z*\.Za$.[-\.Za$.[.\.Za$.[ \.Z:..Z)\.Z:..[#\.Z:..[;\.Z:..[.\.Za$.[!\.Z*\.Z.\.Zb..[3\.Zb..[+\.ZRich*\.Z........PE..d..

                                                                                                                                                                                                                                                                                                          File Icon

                                                                                                                                                                                                                                                                                                          Icon Hash:1fba9a9a5d3b178e

                                                                                                                                                                                                                                                                                                          Static PE Info

                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                          Entrypoint:0x14000cdb0
                                                                                                                                                                                                                                                                                                          Entrypoint Section:.text
                                                                                                                                                                                                                                                                                                          Digitally signed:false
                                                                                                                                                                                                                                                                                                          Imagebase:0x140000000
                                                                                                                                                                                                                                                                                                          Subsystem:windows gui
                                                                                                                                                                                                                                                                                                          Image File Characteristics:EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE
                                                                                                                                                                                                                                                                                                          DLL Characteristics:HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, GUARD_CF, TERMINAL_SERVER_AWARE
                                                                                                                                                                                                                                                                                                          Time Stamp:0x67406F97 [Fri Nov 22 11:48:39 2024 UTC]
                                                                                                                                                                                                                                                                                                          TLS Callbacks:
                                                                                                                                                                                                                                                                                                          CLR (.Net) Version:
                                                                                                                                                                                                                                                                                                          OS Version Major:6
                                                                                                                                                                                                                                                                                                          OS Version Minor:0
                                                                                                                                                                                                                                                                                                          File Version Major:6
                                                                                                                                                                                                                                                                                                          File Version Minor:0
                                                                                                                                                                                                                                                                                                          Subsystem Version Major:6
                                                                                                                                                                                                                                                                                                          Subsystem Version Minor:0
                                                                                                                                                                                                                                                                                                          Import Hash:72c4e339b7af8ab1ed2eb3821c98713a

                                                                                                                                                                                                                                                                                                          Entrypoint Preview

                                                                                                                                                                                                                                                                                                          Instruction
                                                                                                                                                                                                                                                                                                          dec eax
                                                                                                                                                                                                                                                                                                          sub esp, 28h
                                                                                                                                                                                                                                                                                                          call 00007F4D987EEAECh
                                                                                                                                                                                                                                                                                                          dec eax
                                                                                                                                                                                                                                                                                                          add esp, 28h
                                                                                                                                                                                                                                                                                                          jmp 00007F4D987EE70Fh
                                                                                                                                                                                                                                                                                                          int3
                                                                                                                                                                                                                                                                                                          int3
                                                                                                                                                                                                                                                                                                          int3
                                                                                                                                                                                                                                                                                                          int3
                                                                                                                                                                                                                                                                                                          int3
                                                                                                                                                                                                                                                                                                          int3
                                                                                                                                                                                                                                                                                                          int3
                                                                                                                                                                                                                                                                                                          int3
                                                                                                                                                                                                                                                                                                          int3
                                                                                                                                                                                                                                                                                                          int3
                                                                                                                                                                                                                                                                                                          int3
                                                                                                                                                                                                                                                                                                          int3
                                                                                                                                                                                                                                                                                                          int3
                                                                                                                                                                                                                                                                                                          int3
                                                                                                                                                                                                                                                                                                          dec eax
                                                                                                                                                                                                                                                                                                          sub esp, 28h
                                                                                                                                                                                                                                                                                                          call 00007F4D987EEEB8h
                                                                                                                                                                                                                                                                                                          test eax, eax
                                                                                                                                                                                                                                                                                                          je 00007F4D987EE8B3h
                                                                                                                                                                                                                                                                                                          dec eax
                                                                                                                                                                                                                                                                                                          mov eax, dword ptr [00000030h]
                                                                                                                                                                                                                                                                                                          dec eax
                                                                                                                                                                                                                                                                                                          mov ecx, dword ptr [eax+08h]
                                                                                                                                                                                                                                                                                                          jmp 00007F4D987EE897h
                                                                                                                                                                                                                                                                                                          dec eax
                                                                                                                                                                                                                                                                                                          cmp ecx, eax
                                                                                                                                                                                                                                                                                                          je 00007F4D987EE8A6h
                                                                                                                                                                                                                                                                                                          xor eax, eax
                                                                                                                                                                                                                                                                                                          dec eax
                                                                                                                                                                                                                                                                                                          cmpxchg dword ptr [0003577Ch], ecx
                                                                                                                                                                                                                                                                                                          jne 00007F4D987EE880h
                                                                                                                                                                                                                                                                                                          xor al, al
                                                                                                                                                                                                                                                                                                          dec eax
                                                                                                                                                                                                                                                                                                          add esp, 28h
                                                                                                                                                                                                                                                                                                          ret
                                                                                                                                                                                                                                                                                                          mov al, 01h
                                                                                                                                                                                                                                                                                                          jmp 00007F4D987EE889h
                                                                                                                                                                                                                                                                                                          int3
                                                                                                                                                                                                                                                                                                          int3
                                                                                                                                                                                                                                                                                                          int3
                                                                                                                                                                                                                                                                                                          dec eax
                                                                                                                                                                                                                                                                                                          sub esp, 28h
                                                                                                                                                                                                                                                                                                          test ecx, ecx
                                                                                                                                                                                                                                                                                                          jne 00007F4D987EE899h
                                                                                                                                                                                                                                                                                                          mov byte ptr [00035765h], 00000001h
                                                                                                                                                                                                                                                                                                          call 00007F4D987EDFE5h
                                                                                                                                                                                                                                                                                                          call 00007F4D987EF2D0h
                                                                                                                                                                                                                                                                                                          test al, al
                                                                                                                                                                                                                                                                                                          jne 00007F4D987EE896h
                                                                                                                                                                                                                                                                                                          xor al, al
                                                                                                                                                                                                                                                                                                          jmp 00007F4D987EE8A6h
                                                                                                                                                                                                                                                                                                          call 00007F4D987FBDEFh
                                                                                                                                                                                                                                                                                                          test al, al
                                                                                                                                                                                                                                                                                                          jne 00007F4D987EE89Bh
                                                                                                                                                                                                                                                                                                          xor ecx, ecx
                                                                                                                                                                                                                                                                                                          call 00007F4D987EF2E0h
                                                                                                                                                                                                                                                                                                          jmp 00007F4D987EE87Ch
                                                                                                                                                                                                                                                                                                          mov al, 01h
                                                                                                                                                                                                                                                                                                          dec eax
                                                                                                                                                                                                                                                                                                          add esp, 28h
                                                                                                                                                                                                                                                                                                          ret
                                                                                                                                                                                                                                                                                                          int3
                                                                                                                                                                                                                                                                                                          int3
                                                                                                                                                                                                                                                                                                          inc eax
                                                                                                                                                                                                                                                                                                          push ebx
                                                                                                                                                                                                                                                                                                          dec eax
                                                                                                                                                                                                                                                                                                          sub esp, 20h
                                                                                                                                                                                                                                                                                                          cmp byte ptr [0003572Ch], 00000000h
                                                                                                                                                                                                                                                                                                          mov ebx, ecx
                                                                                                                                                                                                                                                                                                          jne 00007F4D987EE8F9h
                                                                                                                                                                                                                                                                                                          cmp ecx, 01h
                                                                                                                                                                                                                                                                                                          jnbe 00007F4D987EE8FCh
                                                                                                                                                                                                                                                                                                          call 00007F4D987EEE2Eh
                                                                                                                                                                                                                                                                                                          test eax, eax
                                                                                                                                                                                                                                                                                                          je 00007F4D987EE8BAh
                                                                                                                                                                                                                                                                                                          test ebx, ebx
                                                                                                                                                                                                                                                                                                          jne 00007F4D987EE8B6h
                                                                                                                                                                                                                                                                                                          dec eax
                                                                                                                                                                                                                                                                                                          lea ecx, dword ptr [00035716h]
                                                                                                                                                                                                                                                                                                          call 00007F4D987FBBE2h

                                                                                                                                                                                                                                                                                                          Data Directories

                                                                                                                                                                                                                                                                                                          NameVirtual AddressVirtual Size Is in Section
                                                                                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                                                                                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_IMPORT0x3ca5c0x78.rdata
                                                                                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_RESOURCE0x470000x2bb4.rsrc
                                                                                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_EXCEPTION0x440000x2250.pdata
                                                                                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
                                                                                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_BASERELOC0x4a0000x764.reloc
                                                                                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_DEBUG0x3a0800x1c.rdata
                                                                                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                                                                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                                                                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_TLS0x00x0
                                                                                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x39f400x140.rdata
                                                                                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                                                                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_IAT0x2b0000x4a0.rdata
                                                                                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                                                                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
                                                                                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                                                                                                                                                                                                                                                                                          Sections

                                                                                                                                                                                                                                                                                                          NameVirtual AddressVirtual SizeRaw SizeMD5Xored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                                                                                                                                                                                                                                                                                          .text0x10000x29f000x2a0002a7ae207b6295492e9da088072661752False0.5514439174107143data6.487454925709845IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                                                                                                          .rdata0x2b0000x12a500x12c002fd3d60a4adfcd0fe23afe6c97cb4c39False0.5244661458333333data5.75259464875538IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                                                                                                          .data0x3e0000x53f80xe00dba0caeecab624a0ccc0d577241601d1False0.134765625data1.8392217063172436IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                                                                                                                                          .pdata0x440000x22500x2400f5559f14427a02f0a5dbd0dd026cae54False0.470703125data5.291665041994019IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                                                                                                          .rsrc0x470000x2bb40x2c00166f211e3c4b04fa6db08502bfa20c59False0.13947088068181818data3.8228486303254328IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                                                                                                          .reloc0x4a0000x7640x800816c68eeb419ee2c08656c31c06a0fffFalse0.5576171875data5.2809528666624175IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ

                                                                                                                                                                                                                                                                                                          Resources

                                                                                                                                                                                                                                                                                                          NameRVASizeTypeLanguageCountryZLIB Complexity
                                                                                                                                                                                                                                                                                                          RT_ICON0x470e80x25a8Device independent bitmap graphic, 48 x 96 x 32, image size 9216, resolution 2835 x 2835 px/m0.08246887966804979
                                                                                                                                                                                                                                                                                                          RT_GROUP_ICON0x496900x14data1.15
                                                                                                                                                                                                                                                                                                          RT_MANIFEST0x496a40x50dXML 1.0 document, ASCII text0.4694508894044857

                                                                                                                                                                                                                                                                                                          Imports

                                                                                                                                                                                                                                                                                                          DLLImport
                                                                                                                                                                                                                                                                                                          USER32.dllCreateWindowExW, ShutdownBlockReasonCreate, MsgWaitForMultipleObjects, ShowWindow, DestroyWindow, RegisterClassW, DefWindowProcW, PeekMessageW, DispatchMessageW, TranslateMessage, PostMessageW, GetMessageW, MessageBoxW, MessageBoxA, SystemParametersInfoW, DestroyIcon, SetWindowLongPtrW, GetWindowLongPtrW, GetClientRect, InvalidateRect, ReleaseDC, GetDC, DrawTextW, GetDialogBaseUnits, EndDialog, DialogBoxIndirectParamW, MoveWindow, SendMessageW
                                                                                                                                                                                                                                                                                                          COMCTL32.dll
                                                                                                                                                                                                                                                                                                          KERNEL32.dllGetACP, IsValidCodePage, GetStringTypeW, GetFileAttributesExW, SetEnvironmentVariableW, FlushFileBuffers, GetCurrentDirectoryW, LCMapStringW, CompareStringW, FlsFree, GetOEMCP, GetCPInfo, GetModuleHandleW, MulDiv, FormatMessageW, GetLastError, GetModuleFileNameW, LoadLibraryExW, SetDllDirectoryW, CreateSymbolicLinkW, GetProcAddress, GetEnvironmentStringsW, GetCommandLineW, GetEnvironmentVariableW, ExpandEnvironmentStringsW, DeleteFileW, FindClose, FindFirstFileW, FindNextFileW, GetDriveTypeW, RemoveDirectoryW, GetTempPathW, CloseHandle, QueryPerformanceCounter, QueryPerformanceFrequency, WaitForSingleObject, Sleep, GetCurrentProcess, TerminateProcess, GetExitCodeProcess, CreateProcessW, GetStartupInfoW, FreeLibrary, LocalFree, SetConsoleCtrlHandler, K32EnumProcessModules, K32GetModuleFileNameExW, CreateFileW, FindFirstFileExW, GetFinalPathNameByHandleW, MultiByteToWideChar, WideCharToMultiByte, FlsSetValue, FreeEnvironmentStringsW, GetProcessHeap, GetTimeZoneInformation, HeapSize, HeapReAlloc, WriteConsoleW, SetEndOfFile, CreateDirectoryW, RtlCaptureContext, RtlLookupFunctionEntry, RtlVirtualUnwind, UnhandledExceptionFilter, SetUnhandledExceptionFilter, IsProcessorFeaturePresent, GetCurrentProcessId, GetCurrentThreadId, GetSystemTimeAsFileTime, InitializeSListHead, IsDebuggerPresent, RtlUnwindEx, SetLastError, EnterCriticalSection, LeaveCriticalSection, DeleteCriticalSection, InitializeCriticalSectionAndSpinCount, TlsAlloc, TlsGetValue, TlsSetValue, TlsFree, EncodePointer, RaiseException, RtlPcToFileHeader, GetCommandLineA, GetFileInformationByHandle, GetFileType, PeekNamedPipe, SystemTimeToTzSpecificLocalTime, FileTimeToSystemTime, ReadFile, GetFullPathNameW, SetStdHandle, GetStdHandle, WriteFile, ExitProcess, GetModuleHandleExW, HeapFree, GetConsoleMode, ReadConsoleW, SetFilePointerEx, GetConsoleOutputCP, GetFileSizeEx, HeapAlloc, FlsAlloc, FlsGetValue
                                                                                                                                                                                                                                                                                                          ADVAPI32.dllOpenProcessToken, GetTokenInformation, ConvertStringSecurityDescriptorToSecurityDescriptorW, ConvertSidToStringSidW
                                                                                                                                                                                                                                                                                                          GDI32.dllSelectObject, DeleteObject, CreateFontIndirectW

                                                                                                                                                                                                                                                                                                          Network Behavior

                                                                                                                                                                                                                                                                                                          Network Port Distribution

                                                                                                                                                                                                                                                                                                          TCP Packets

                                                                                                                                                                                                                                                                                                          TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:12:55.411387920 CET49675443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:12:55.426961899 CET49674443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:12:55.520771027 CET49673443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:05.020584106 CET49675443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:05.036199093 CET49674443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:05.129951954 CET49673443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:07.527766943 CET4434970323.1.237.91192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:07.527869940 CET49703443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:07.936363935 CET49705443192.168.2.5104.26.9.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:07.936454058 CET44349705104.26.9.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:07.936553955 CET49705443192.168.2.5104.26.9.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:07.937453985 CET49705443192.168.2.5104.26.9.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:07.937489033 CET44349705104.26.9.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:09.155479908 CET44349705104.26.9.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:09.156450033 CET49705443192.168.2.5104.26.9.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:09.156485081 CET44349705104.26.9.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:09.157689095 CET44349705104.26.9.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:09.157856941 CET49705443192.168.2.5104.26.9.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:09.159550905 CET49705443192.168.2.5104.26.9.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:09.159723997 CET44349705104.26.9.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:09.159751892 CET49705443192.168.2.5104.26.9.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:09.159780979 CET49705443192.168.2.5104.26.9.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:16.261972904 CET49706443192.168.2.520.12.23.50
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:16.262079000 CET4434970620.12.23.50192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:16.262167931 CET49706443192.168.2.520.12.23.50
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:16.280838966 CET49706443192.168.2.520.12.23.50
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:16.280870914 CET4434970620.12.23.50192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:17.850385904 CET4434970620.12.23.50192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:17.850476027 CET49706443192.168.2.520.12.23.50
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:17.921196938 CET49706443192.168.2.520.12.23.50
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:17.921272993 CET4434970620.12.23.50192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:17.921813011 CET4434970620.12.23.50192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:17.973706007 CET49706443192.168.2.520.12.23.50
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:19.033308983 CET49710443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:19.033354998 CET4434971013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:19.033464909 CET49710443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:19.033806086 CET49710443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:19.033823013 CET4434971013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:19.938297987 CET49706443192.168.2.520.12.23.50
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:19.979363918 CET4434970620.12.23.50192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:20.474622965 CET4434970620.12.23.50192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:20.474684000 CET4434970620.12.23.50192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:20.474703074 CET4434970620.12.23.50192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:20.474721909 CET4434970620.12.23.50192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:20.474754095 CET49706443192.168.2.520.12.23.50
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:20.474762917 CET4434970620.12.23.50192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:20.474781990 CET4434970620.12.23.50192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:20.474802971 CET49706443192.168.2.520.12.23.50
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:20.474808931 CET4434970620.12.23.50192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:20.474841118 CET49706443192.168.2.520.12.23.50
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:20.474879026 CET49706443192.168.2.520.12.23.50
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:20.494167089 CET4434970620.12.23.50192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:20.494249105 CET49706443192.168.2.520.12.23.50
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:20.494262934 CET4434970620.12.23.50192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:20.494286060 CET4434970620.12.23.50192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:20.494368076 CET49706443192.168.2.520.12.23.50
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:20.937616110 CET4434971013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:20.937715054 CET49710443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:20.941735029 CET49710443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:20.941744089 CET4434971013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:20.942162037 CET4434971013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:20.953207970 CET49710443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:20.999346018 CET4434971013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:21.423727989 CET4434971013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:21.423763037 CET4434971013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:21.423784018 CET4434971013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:21.423837900 CET49710443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:21.423855066 CET4434971013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:21.423903942 CET49710443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:21.423903942 CET49710443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:21.620969057 CET4434971013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:21.620997906 CET4434971013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:21.621062994 CET49710443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:21.621074915 CET4434971013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:21.621128082 CET49710443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:21.621141911 CET49710443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:21.662431955 CET4434971013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:21.662478924 CET4434971013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:21.662554026 CET49710443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:21.662570953 CET4434971013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:21.662600994 CET49710443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:21.662632942 CET49710443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:21.813687086 CET4434971013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:21.813714027 CET4434971013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:21.813874006 CET49710443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:21.813886881 CET4434971013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:21.813973904 CET49710443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:21.841156006 CET49706443192.168.2.520.12.23.50
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:21.841228008 CET4434970620.12.23.50192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:21.841263056 CET49706443192.168.2.520.12.23.50
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:21.841280937 CET4434970620.12.23.50192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:21.844175100 CET4434971013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:21.844199896 CET4434971013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:21.844276905 CET49710443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:21.844286919 CET4434971013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:21.844428062 CET49710443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:21.865209103 CET4434971013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:21.865232944 CET4434971013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:21.865324974 CET49710443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:21.865331888 CET4434971013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:21.865480900 CET49710443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:21.883368015 CET4434971013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:21.883393049 CET4434971013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:21.883552074 CET49710443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:21.883558989 CET4434971013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:21.883626938 CET49710443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:22.019933939 CET4434971013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:22.019968987 CET4434971013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:22.020034075 CET49710443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:22.020050049 CET4434971013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:22.020091057 CET49710443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:22.020091057 CET49710443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:22.036911011 CET4434971013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:22.036935091 CET4434971013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:22.037020922 CET49710443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:22.037033081 CET4434971013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:22.037081957 CET49710443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:22.051856041 CET4434971013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:22.051877022 CET4434971013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:22.051943064 CET49710443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:22.051953077 CET4434971013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:22.052074909 CET49710443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:22.068625927 CET4434971013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:22.068645000 CET4434971013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:22.068698883 CET49710443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:22.068706989 CET4434971013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:22.068751097 CET49710443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:22.068751097 CET49710443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:22.085685968 CET4434971013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:22.085705042 CET4434971013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:22.085767984 CET49710443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:22.085782051 CET4434971013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:22.085850000 CET49710443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:22.101596117 CET4434971013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:22.101617098 CET4434971013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:22.101708889 CET49710443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:22.101717949 CET4434971013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:22.101761103 CET49710443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:22.106781960 CET4434971013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:22.106887102 CET49710443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:22.106888056 CET4434971013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:22.107004881 CET49710443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:22.107004881 CET49710443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:22.107115984 CET49710443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:22.107135057 CET4434971013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:22.165858984 CET49714443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:22.165971994 CET4434971413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:22.166187048 CET49714443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:22.167109013 CET49715443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:22.167140007 CET4434971513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:22.167253017 CET49715443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:22.168523073 CET49716443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:22.168580055 CET4434971613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:22.168862104 CET49716443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:22.169540882 CET49717443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:22.169579029 CET4434971713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:22.169740915 CET49717443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:22.170737982 CET49718443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:22.170749903 CET4434971813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:22.170871019 CET49718443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:22.171014071 CET49717443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:22.171041012 CET4434971713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:22.171211958 CET49714443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:22.171238899 CET4434971413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:22.171361923 CET49718443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:22.171377897 CET4434971813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:22.171441078 CET49715443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:22.171453953 CET4434971513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:22.171566010 CET49716443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:22.171586037 CET4434971613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:23.760726929 CET4434971613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:23.761363983 CET49716443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:23.761389971 CET4434971613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:23.763550997 CET49716443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:23.763557911 CET4434971613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:23.960892916 CET4434971513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:23.961381912 CET4434971813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:23.961553097 CET49715443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:23.961577892 CET4434971513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:23.961888075 CET49718443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:23.961929083 CET4434971813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:23.963639021 CET49718443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:23.963648081 CET4434971813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:23.963681936 CET49715443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:23.963689089 CET4434971513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.017883062 CET4434971713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.018399000 CET49717443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.018413067 CET4434971713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.018913031 CET49717443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.018918991 CET4434971713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.024173975 CET4434971413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.024636984 CET49714443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.024684906 CET4434971413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.025068998 CET49714443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.025083065 CET4434971413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.209877968 CET4434971613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.209896088 CET4434971613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.209985971 CET49716443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.210048914 CET4434971613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.210119963 CET49716443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.210288048 CET49716443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.210304022 CET4434971613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.210345030 CET49716443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.210484982 CET4434971613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.210510015 CET4434971613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.210549116 CET49716443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.213512897 CET49721443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.213565111 CET4434972113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.213629961 CET49721443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.213774920 CET49721443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.213793039 CET4434972113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.406160116 CET4434971813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.406343937 CET4434971813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.406405926 CET49718443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.406593084 CET49718443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.406611919 CET4434971813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.411242962 CET4434971513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.411267042 CET4434971513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.411336899 CET49715443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.411354065 CET4434971513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.411504030 CET49715443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.412015915 CET49715443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.412015915 CET49715443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.412025928 CET4434971513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.412203074 CET4434971513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.412235022 CET4434971513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.412285089 CET49715443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.426744938 CET49722443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.426779985 CET4434972213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.426845074 CET49722443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.427345037 CET49722443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.427367926 CET4434972213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.427656889 CET49723443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.427715063 CET4434972313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.427784920 CET49723443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.427923918 CET49723443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.427941084 CET4434972313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.475553989 CET4434971413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.475719929 CET4434971413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.475811958 CET49714443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.475915909 CET49714443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.475915909 CET49714443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.475960970 CET4434971413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.475995064 CET4434971413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.478904963 CET49724443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.478935003 CET4434972413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.478998899 CET49724443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.479140997 CET49724443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.479172945 CET4434972413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.480849028 CET4434971713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.480875015 CET4434971713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.480915070 CET49717443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.480930090 CET4434971713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.481101036 CET49717443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.481117010 CET4434971713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.481132984 CET49717443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.481282949 CET4434971713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.481323957 CET4434971713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.481372118 CET49717443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.484266996 CET49725443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.484309912 CET4434972513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.484373093 CET49725443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.484841108 CET49725443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:24.484859943 CET4434972513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:25.995213032 CET4434972113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.036195040 CET49721443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.310188055 CET49721443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.310224056 CET4434972113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.312195063 CET49721443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.312201977 CET4434972113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.368861914 CET4434972213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.370152950 CET49722443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.370193958 CET4434972213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.370618105 CET49722443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.370624065 CET4434972213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.371575117 CET4434972513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.372503042 CET4434972413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.372689009 CET49725443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.372756958 CET4434972513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.373104095 CET49725443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.373120070 CET4434972513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.390057087 CET4434972313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.393568039 CET49723443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.393596888 CET4434972313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.393965960 CET49723443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.393973112 CET4434972313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.394392967 CET49724443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.394475937 CET4434972413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.394764900 CET49724443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.394784927 CET4434972413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.637589931 CET4434972113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.637681007 CET4434972113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.637990952 CET49721443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.644747972 CET49721443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.644763947 CET4434972113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.712979078 CET49726443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.713018894 CET4434972613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.713088036 CET49726443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.717233896 CET49726443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.717252016 CET4434972613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.812580109 CET4434972213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.812665939 CET4434972213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.812727928 CET49722443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.812942982 CET49722443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.812967062 CET4434972213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.813941002 CET4434972513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.814002037 CET4434972513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.814048052 CET49725443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.816009998 CET49725443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.816028118 CET4434972513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.816045046 CET49725443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.816051960 CET4434972513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.818882942 CET4434972413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.819052935 CET4434972413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.819108009 CET49724443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.841896057 CET49724443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.841926098 CET4434972413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.841943026 CET49724443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.841953993 CET4434972413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.842798948 CET4434972313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.842948914 CET4434972313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.843113899 CET49723443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.844724894 CET49723443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.844744921 CET4434972313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.844757080 CET49723443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.844762087 CET4434972313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.847948074 CET49727443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.847973108 CET4434972713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.848037958 CET49727443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.848148108 CET49728443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.848156929 CET4434972813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.848206043 CET49728443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.850052118 CET49729443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.850075006 CET4434972913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.850127935 CET49729443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.850388050 CET49727443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.850402117 CET4434972713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.850655079 CET49728443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.850667000 CET4434972813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.851953983 CET49730443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.851963997 CET4434973013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.852018118 CET49730443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.852508068 CET49730443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.852521896 CET4434973013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.921536922 CET49729443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:26.921561956 CET4434972913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:28.572269917 CET4434972813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:28.577593088 CET4434972713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:28.582381010 CET49728443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:28.582408905 CET4434972813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:28.583030939 CET49728443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:28.583039045 CET4434972813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:28.583403111 CET49727443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:28.583417892 CET4434972713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:28.583914995 CET49727443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:28.583920002 CET4434972713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:28.638550043 CET4434973013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:28.639547110 CET49730443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:28.639563084 CET4434973013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:28.640137911 CET49730443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:28.640144110 CET4434973013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:28.642213106 CET4434972913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:28.643074989 CET49729443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:28.643116951 CET4434972913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:28.643486977 CET49729443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:28.643495083 CET4434972913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:29.006076097 CET4434972813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:29.006161928 CET4434972813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:29.006236076 CET49728443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:29.017020941 CET4434972713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:29.017117023 CET4434972713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:29.017183065 CET49727443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:29.062958002 CET49728443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:29.062988043 CET4434972813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:29.063004017 CET49728443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:29.063011885 CET4434972813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:29.064148903 CET49727443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:29.064148903 CET49727443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:29.064157963 CET4434972713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:29.064167976 CET4434972713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:29.067737103 CET49737443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:29.067790031 CET4434973713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:29.067900896 CET49737443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:29.069789886 CET49738443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:29.069853067 CET4434973813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:29.069926023 CET49738443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:29.070017099 CET49737443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:29.070033073 CET4434973713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:29.070244074 CET49738443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:29.070259094 CET4434973813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:29.081942081 CET4434973013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:29.082005978 CET4434973013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:29.082107067 CET49730443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:29.096308947 CET4434972913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:29.096365929 CET4434972913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:29.097043991 CET49729443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:29.104912043 CET49730443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:29.104923964 CET4434973013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:29.216885090 CET49729443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:29.216912985 CET4434972913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:29.216931105 CET49729443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:29.216938972 CET4434972913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:29.238480091 CET49739443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:29.238518000 CET4434973913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:29.238609076 CET49739443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:29.241741896 CET49740443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:29.241777897 CET4434974013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:29.241877079 CET49740443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:29.249141932 CET49739443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:29.249160051 CET4434973913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:29.249814034 CET49740443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:29.249835014 CET4434974013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:30.868563890 CET4434974013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:30.869303942 CET49740443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:30.869313002 CET4434974013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:30.869842052 CET49740443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:30.869846106 CET4434974013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:30.890194893 CET4434973813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:30.890702009 CET49738443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:30.890713930 CET4434973813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:30.891226053 CET49738443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:30.891231060 CET4434973813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:30.956864119 CET4434973713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:30.957413912 CET49737443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:30.957442999 CET4434973713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:30.957889080 CET49737443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:30.957894087 CET4434973713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:31.136604071 CET4434973913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:31.137167931 CET49739443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:31.137202024 CET4434973913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:31.137658119 CET49739443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:31.137665033 CET4434973913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:31.320502996 CET4434974013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:31.320583105 CET4434974013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:31.320687056 CET49740443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:31.320997953 CET49740443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:31.320997953 CET49740443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:31.321013927 CET4434974013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:31.321022987 CET4434974013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:31.333632946 CET49743443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:31.333689928 CET4434974313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:31.333765984 CET49743443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:31.333978891 CET49743443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:31.333998919 CET4434974313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:31.347886086 CET4434973813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:31.347954035 CET4434973813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:31.348206043 CET49738443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:31.348206043 CET49738443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:31.348206043 CET49738443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:31.351577044 CET49744443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:31.351614952 CET4434974413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:31.351799011 CET49744443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:31.351960897 CET49744443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:31.351979017 CET4434974413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:31.441940069 CET4434973713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:31.442104101 CET4434973713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:31.443027020 CET49737443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:31.449953079 CET4434972613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:31.450582027 CET49737443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:31.450602055 CET4434973713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:31.450615883 CET49737443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:31.450623989 CET4434973713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:31.457279921 CET49726443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:31.457326889 CET4434972613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:31.457778931 CET49726443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:31.457793951 CET4434972613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:31.459947109 CET49745443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:31.459980965 CET4434974513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:31.460061073 CET49745443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:31.460297108 CET49745443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:31.460319042 CET4434974513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:31.602962971 CET4434973913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:31.603045940 CET4434973913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:31.603221893 CET49739443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:31.604871988 CET49739443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:31.604896069 CET4434973913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:31.610219955 CET49746443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:31.610245943 CET4434974613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:31.610372066 CET49746443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:31.611870050 CET49746443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:31.611886024 CET4434974613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:31.666331053 CET49738443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:31.666367054 CET4434973813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:31.886491060 CET4434972613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:31.886552095 CET4434972613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:31.886646986 CET49726443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:32.057982922 CET49726443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:32.058007956 CET4434972613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:32.058022022 CET49726443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:32.058029890 CET4434972613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:32.086283922 CET49747443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:32.086317062 CET4434974713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:32.086658001 CET49747443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:32.120613098 CET49747443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:32.120620966 CET4434974713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:32.926747084 CET49748443192.168.2.523.218.208.109
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:32.926806927 CET4434974823.218.208.109192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:32.926942110 CET49748443192.168.2.523.218.208.109
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:32.928913116 CET49748443192.168.2.523.218.208.109
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:32.928936005 CET4434974823.218.208.109192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:33.199625015 CET4434974313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:33.200356960 CET49743443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:33.200407982 CET4434974313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:33.201102972 CET49743443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:33.201109886 CET4434974313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:33.205988884 CET4434974413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:33.206496000 CET49744443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:33.206528902 CET4434974413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:33.206984043 CET49744443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:33.206991911 CET4434974413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:33.318871975 CET4434974513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:33.319550037 CET49745443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:33.319572926 CET4434974513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:33.320132017 CET49745443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:33.320146084 CET4434974513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:33.333300114 CET4434974613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:33.333650112 CET49746443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:33.333689928 CET4434974613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:33.334161997 CET49746443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:33.334167957 CET4434974613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:33.650700092 CET4434974413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:33.650862932 CET4434974413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:33.650933981 CET49744443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:33.651197910 CET49744443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:33.651221037 CET4434974413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:33.651268959 CET49744443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:33.651277065 CET4434974413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:33.654433966 CET4434974313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:33.654512882 CET4434974313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:33.654573917 CET49743443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:33.654839993 CET49743443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:33.654865980 CET4434974313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:33.654880047 CET49743443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:33.654886961 CET4434974313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:33.655522108 CET49750443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:33.655548096 CET4434975013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:33.655612946 CET49750443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:33.655972958 CET49750443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:33.656142950 CET4434975013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:33.657715082 CET49751443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:33.657752991 CET4434975113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:33.659034967 CET49751443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:33.659147024 CET49751443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:33.659162998 CET4434975113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:33.772011042 CET4434974513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:33.772104979 CET4434974513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:33.772284985 CET49745443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:33.772656918 CET49745443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:33.772656918 CET49745443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:33.772677898 CET4434974513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:33.772699118 CET4434974513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:33.776005983 CET49752443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:33.776130915 CET4434975213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:33.776231050 CET49752443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:33.776457071 CET49752443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:33.776494026 CET4434975213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:33.781328917 CET4434974613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:33.781492949 CET4434974613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:33.781567097 CET49746443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:33.781789064 CET49746443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:33.781821966 CET4434974613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:33.781842947 CET49746443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:33.781851053 CET4434974613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:33.784948111 CET49753443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:33.784997940 CET4434975313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:33.785068035 CET49753443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:33.785228968 CET49753443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:33.785248041 CET4434975313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:33.910979033 CET4434974713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:33.911652088 CET49747443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:33.911669970 CET4434974713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:33.912231922 CET49747443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:33.912240028 CET4434974713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:34.312644958 CET4434974823.218.208.109192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:34.312772036 CET49748443192.168.2.523.218.208.109
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:34.330686092 CET49748443192.168.2.523.218.208.109
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:34.330729008 CET4434974823.218.208.109192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:34.331208944 CET4434974823.218.208.109192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:34.354854107 CET4434974713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:34.354939938 CET4434974713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:34.355122089 CET49747443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:34.373023033 CET49747443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:34.373043060 CET4434974713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:34.373071909 CET49747443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:34.373081923 CET4434974713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:34.379942894 CET49748443192.168.2.523.218.208.109
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:34.785725117 CET49748443192.168.2.523.218.208.109
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:34.827373981 CET4434974823.218.208.109192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.183775902 CET4434974823.218.208.109192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.183875084 CET4434974823.218.208.109192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.183954954 CET49748443192.168.2.523.218.208.109
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.352279902 CET49754443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.352319002 CET4434975413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.352996111 CET49754443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.369891882 CET49748443192.168.2.523.218.208.109
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.369934082 CET4434974823.218.208.109192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.369959116 CET49748443192.168.2.523.218.208.109
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.369966984 CET4434974823.218.208.109192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.388561010 CET4434975013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.434549093 CET49750443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.440421104 CET49754443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.440483093 CET4434975413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.449441910 CET49750443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.449471951 CET4434975013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.464137077 CET49750443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.464154959 CET4434975013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.540010929 CET4434975113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.558928013 CET4434975213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.569895029 CET49751443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.569914103 CET4434975113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.570394039 CET49751443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.570400953 CET4434975113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.574273109 CET49752443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.574311018 CET4434975213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.574816942 CET49752443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.574822903 CET4434975213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.636523008 CET4434975313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.642771959 CET49753443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.642793894 CET4434975313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.646099091 CET49753443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.646106958 CET4434975313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.657983065 CET49757443192.168.2.523.218.208.109
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.658036947 CET4434975723.218.208.109192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.658147097 CET49757443192.168.2.523.218.208.109
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.658963919 CET49757443192.168.2.523.218.208.109
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.658984900 CET4434975723.218.208.109192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.852421999 CET4434975013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.852508068 CET4434975013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.852565050 CET49750443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.852921009 CET49750443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.852979898 CET4434975013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.853018999 CET49750443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.853037119 CET4434975013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.867290020 CET49761443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.867346048 CET4434976113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.867424011 CET49761443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.867580891 CET49761443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.867600918 CET4434976113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.883138895 CET49762443192.168.2.5142.250.181.100
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.883177042 CET44349762142.250.181.100192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.883238077 CET49762443192.168.2.5142.250.181.100
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.883466959 CET49762443192.168.2.5142.250.181.100
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.883486032 CET44349762142.250.181.100192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.993505001 CET4434975113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.993583918 CET4434975113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.993638039 CET49751443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.993895054 CET49751443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.993922949 CET4434975113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.993936062 CET49751443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.993943930 CET4434975113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.997231960 CET49763443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.997268915 CET4434976313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.997328997 CET49763443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.997518063 CET49763443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.997539043 CET4434976313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:36.005568027 CET4434975213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:36.005737066 CET4434975213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:36.005798101 CET49752443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:36.005850077 CET49752443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:36.005875111 CET4434975213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:36.005891085 CET49752443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:36.005897999 CET4434975213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:36.008222103 CET49764443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:36.008294106 CET4434976413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:36.008378983 CET49764443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:36.008539915 CET49764443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:36.008575916 CET4434976413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:36.090502024 CET4434975313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:36.090589046 CET4434975313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:36.090662956 CET49753443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:36.093291044 CET49753443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:36.093291044 CET49753443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:36.093328953 CET4434975313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:36.093343973 CET4434975313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:36.099644899 CET49765443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:36.099687099 CET4434976513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:36.099760056 CET49765443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:36.099931955 CET49765443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:36.099950075 CET4434976513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:36.303476095 CET49766443192.168.2.5142.250.181.100
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:36.303504944 CET44349766142.250.181.100192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:36.303586006 CET49766443192.168.2.5142.250.181.100
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:36.303849936 CET49766443192.168.2.5142.250.181.100
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:36.303867102 CET44349766142.250.181.100192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:36.378751040 CET49767443192.168.2.5142.250.181.100
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:36.378778934 CET44349767142.250.181.100192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:36.378846884 CET49767443192.168.2.5142.250.181.100
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:36.379235983 CET49767443192.168.2.5142.250.181.100
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:36.379260063 CET44349767142.250.181.100192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:36.503551006 CET49768443192.168.2.5142.250.181.100
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:36.503632069 CET44349768142.250.181.100192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:36.503729105 CET49768443192.168.2.5142.250.181.100
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:36.503927946 CET49768443192.168.2.5142.250.181.100
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:36.503961086 CET44349768142.250.181.100192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:37.129944086 CET4434975723.218.208.109192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:37.130032063 CET49757443192.168.2.523.218.208.109
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:37.131525040 CET49757443192.168.2.523.218.208.109
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:37.131542921 CET4434975723.218.208.109192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:37.131808043 CET4434975723.218.208.109192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:37.133450985 CET49757443192.168.2.523.218.208.109
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:37.179332972 CET4434975723.218.208.109192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:37.285305977 CET4434975413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:37.285969019 CET49754443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:37.286014080 CET4434975413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:37.286429882 CET49754443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:37.286441088 CET4434975413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:37.578952074 CET44349762142.250.181.100192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:37.579515934 CET49762443192.168.2.5142.250.181.100
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:37.579544067 CET44349762142.250.181.100192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:37.581170082 CET44349762142.250.181.100192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:37.581238031 CET49762443192.168.2.5142.250.181.100
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:37.581496000 CET4434976113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:37.585699081 CET49761443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:37.585711002 CET4434976113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:37.586337090 CET49761443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:37.586339951 CET4434976113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:37.969187021 CET4434975723.218.208.109192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:37.969270945 CET4434975723.218.208.109192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:37.969333887 CET49757443192.168.2.523.218.208.109
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:37.970930099 CET4434975413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:37.970997095 CET4434975413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:37.971155882 CET49754443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:37.976763010 CET4434976313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:37.977019072 CET4434976513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:37.979218006 CET4434976413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.018407106 CET49763443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.018637896 CET49764443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.018811941 CET49765443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.113605976 CET44349766142.250.181.100192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.123473883 CET44349767142.250.181.100192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.159041882 CET49766443192.168.2.5142.250.181.100
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.174649000 CET49767443192.168.2.5142.250.181.100
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.213131905 CET44349768142.250.181.100192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.257018089 CET49768443192.168.2.5142.250.181.100
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.270418882 CET49764443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.270473957 CET4434976413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.271404028 CET49764443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.271418095 CET4434976413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.272032976 CET49754443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.272073030 CET4434975413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.272114992 CET49754443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.272123098 CET4434975413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.276031017 CET49763443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.276053905 CET4434976313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.277030945 CET4434976113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.277113914 CET49763443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.277113914 CET4434976113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.277120113 CET4434976313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.277165890 CET49761443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.277834892 CET49761443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.277858973 CET4434976113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.277872086 CET49761443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.277879953 CET4434976113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.280080080 CET49765443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.280096054 CET4434976513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.281634092 CET49765443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.281639099 CET4434976513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.285130024 CET49766443192.168.2.5142.250.181.100
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.285146952 CET44349766142.250.181.100192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.285525084 CET49767443192.168.2.5142.250.181.100
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.285531998 CET44349767142.250.181.100192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.285830021 CET49768443192.168.2.5142.250.181.100
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.285836935 CET44349768142.250.181.100192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.286740065 CET44349767142.250.181.100192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.286780119 CET44349766142.250.181.100192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.286808968 CET49767443192.168.2.5142.250.181.100
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.286863089 CET49766443192.168.2.5142.250.181.100
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.286967993 CET44349768142.250.181.100192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.287024975 CET49768443192.168.2.5142.250.181.100
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.334523916 CET49770443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.334569931 CET4434977013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.334645987 CET49770443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.357882977 CET49757443192.168.2.523.218.208.109
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.357922077 CET4434975723.218.208.109192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.357945919 CET49757443192.168.2.523.218.208.109
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.357954025 CET4434975723.218.208.109192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.358417034 CET49770443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.358445883 CET4434977013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.360311031 CET49771443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.360332012 CET4434977113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.360404015 CET49771443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.360654116 CET49771443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.360667944 CET4434977113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.596090078 CET4434976413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.596236944 CET4434976413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.596302986 CET49764443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.596318007 CET4434976513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.596549988 CET4434976513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.596575022 CET49764443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.596594095 CET4434976413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.596612930 CET49765443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.596656084 CET49765443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.596666098 CET4434976513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.596674919 CET49765443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.596679926 CET4434976513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.600838900 CET49773443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.600878954 CET4434977313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.600909948 CET49772443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.600949049 CET49773443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.600953102 CET4434977213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.601018906 CET49772443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.601408005 CET49773443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.601421118 CET4434977313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.601452112 CET49772443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.601471901 CET4434977213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.606787920 CET4434976313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.606865883 CET4434976313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.606918097 CET49763443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.607070923 CET49763443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.607070923 CET49763443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.607089043 CET4434976313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.607101917 CET4434976313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.609308958 CET49774443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.609347105 CET4434977413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.609424114 CET49774443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.609647036 CET49774443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:38.609671116 CET4434977413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.143634081 CET4434977113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.152527094 CET4434977013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.159202099 CET49771443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.159225941 CET4434977113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.159862041 CET49771443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.159868002 CET4434977113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.161504030 CET49770443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.161569118 CET4434977013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.161992073 CET49770443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.162008047 CET4434977013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.316747904 CET4434977313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.317250967 CET49773443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.317266941 CET4434977313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.318069935 CET49773443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.318075895 CET4434977313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.390944004 CET4434977413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.391689062 CET49774443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.391712904 CET4434977413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.392565012 CET49774443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.392573118 CET4434977413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.450171947 CET4434977213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.485953093 CET49772443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.485965967 CET4434977213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.486511946 CET49772443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.486519098 CET4434977213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.602078915 CET4434977013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.602158070 CET4434977013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.602246046 CET49770443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.610342026 CET49770443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.610342026 CET49770443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.610390902 CET4434977013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.610419035 CET4434977013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.671171904 CET49776443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.671260118 CET4434977613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.671355009 CET49776443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.672027111 CET49776443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.672043085 CET4434977613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.752254963 CET4434977313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.752418995 CET4434977313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.752975941 CET49773443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.753232956 CET49773443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.753248930 CET4434977313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.753257036 CET49773443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.753262043 CET4434977313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.756441116 CET49777443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.756525040 CET4434977713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.756609917 CET49777443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.756871939 CET49777443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.756906986 CET4434977713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.789756060 CET4434977113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.789841890 CET4434977113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.789916039 CET49771443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.806978941 CET49771443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.806991100 CET4434977113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.807001114 CET49771443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.807007074 CET4434977113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.833961010 CET4434977413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.834045887 CET4434977413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.834120989 CET49774443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.835659981 CET49774443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.835671902 CET4434977413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.835686922 CET49774443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.835694075 CET4434977413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.838434935 CET49778443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.838449955 CET4434977813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.838531971 CET49778443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.855484962 CET49779443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.855529070 CET4434977913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.855609894 CET49779443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.865416050 CET49778443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.865427971 CET4434977813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.872528076 CET49779443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.872565985 CET4434977913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.903075933 CET4434977213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.903258085 CET4434977213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.903320074 CET49772443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.906896114 CET49772443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.906896114 CET49772443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.906905890 CET4434977213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:40.906915903 CET4434977213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:41.076267958 CET49781443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:41.076322079 CET4434978113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:41.076394081 CET49781443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:41.076725006 CET49781443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:41.076746941 CET4434978113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:42.480588913 CET4434977713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:42.481250048 CET49777443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:42.481272936 CET4434977713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:42.481791973 CET49777443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:42.481800079 CET4434977713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:42.526360989 CET4434977613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:42.526969910 CET49776443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:42.526997089 CET4434977613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:42.527477026 CET49776443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:42.527488947 CET4434977613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:42.588047981 CET4434977813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:42.588645935 CET49778443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:42.588661909 CET4434977813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:42.589174032 CET49778443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:42.589188099 CET4434977813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:42.724597931 CET4434977913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:42.725260973 CET49779443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:42.725284100 CET4434977913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:42.725747108 CET49779443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:42.725753069 CET4434977913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:42.864125967 CET4434978113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:42.864721060 CET49781443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:42.864752054 CET4434978113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:42.865248919 CET49781443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:42.865257025 CET4434978113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:42.917623997 CET4434977713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:42.917723894 CET4434977713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:42.917787075 CET49777443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:42.917989016 CET49777443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:42.918004036 CET4434977713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:42.918016911 CET49777443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:42.918025970 CET4434977713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:42.921061993 CET49782443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:42.921108007 CET4434978213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:42.921205044 CET49782443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:42.921385050 CET49782443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:42.921402931 CET4434978213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:42.979037046 CET4434977613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:42.979111910 CET4434977613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:42.979362011 CET49776443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:42.979414940 CET49776443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:42.979414940 CET49776443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:42.979439974 CET4434977613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:42.979451895 CET4434977613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:42.982160091 CET49783443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:42.982211113 CET4434978313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:42.982358932 CET49783443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:42.982508898 CET49783443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:42.982532024 CET4434978313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:43.022070885 CET4434977813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:43.022140980 CET4434977813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:43.023180008 CET49778443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:43.023180008 CET49778443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:43.023180008 CET49778443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:43.025645971 CET49784443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:43.025672913 CET4434978413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:43.025774002 CET49784443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:43.026128054 CET49784443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:43.026137114 CET4434978413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:43.176649094 CET4434977913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:43.176837921 CET4434977913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:43.176907063 CET49779443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:43.182178974 CET49779443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:43.182194948 CET4434977913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:43.182209969 CET49779443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:43.182216883 CET4434977913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:43.188231945 CET49785443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:43.188283920 CET4434978513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:43.188348055 CET49785443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:43.189402103 CET49785443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:43.189433098 CET4434978513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:43.309457064 CET4434978113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:43.309525013 CET4434978113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:43.309585094 CET49781443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:43.309854984 CET49781443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:43.309871912 CET4434978113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:43.309881926 CET49781443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:43.309886932 CET4434978113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:43.313376904 CET49786443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:43.313414097 CET4434978613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:43.313483000 CET49786443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:43.313683033 CET49786443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:43.313697100 CET4434978613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:43.330897093 CET49778443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:43.330919027 CET4434977813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:44.650404930 CET4434978213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:44.678839922 CET49782443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:44.678874016 CET4434978213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:44.679341078 CET49782443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:44.679347992 CET4434978213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:44.764338970 CET4434978313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:44.770364046 CET49783443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:44.770390987 CET4434978313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:44.771013975 CET49783443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:44.771022081 CET4434978313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:44.873992920 CET4434978413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:44.891731024 CET49784443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:44.891746044 CET4434978413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:44.892296076 CET49784443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:44.892303944 CET4434978413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:44.977514982 CET4434978513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.026036024 CET49785443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.085370064 CET4434978213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.085549116 CET4434978213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.085644007 CET49782443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.160543919 CET4434978613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.202263117 CET49786443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.208925009 CET4434978313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.208992004 CET4434978313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.209042072 CET49783443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.315093040 CET49785443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.315125942 CET4434978513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.315614939 CET49785443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.315619946 CET4434978513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.315922976 CET49783443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.315957069 CET4434978313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.315984011 CET49783443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.315993071 CET4434978313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.326538086 CET4434978413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.326653004 CET4434978413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.326752901 CET49784443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.326838970 CET49784443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.326838970 CET49784443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.326853037 CET4434978413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.326864004 CET4434978413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.372890949 CET49782443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.372890949 CET49782443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.372922897 CET4434978213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.372936010 CET4434978213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.383696079 CET49786443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.383717060 CET4434978613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.384140015 CET49786443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.384146929 CET4434978613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.643100023 CET4434978513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.643212080 CET4434978513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.643332005 CET49785443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.717953920 CET4434978613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.718044043 CET4434978613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.718301058 CET49786443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.774243116 CET49785443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.774271965 CET4434978513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.774286032 CET49785443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.774293900 CET4434978513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.825644970 CET49786443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.825644970 CET49786443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.825680017 CET4434978613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.825695038 CET4434978613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.828835011 CET49787443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.828864098 CET4434978713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.828953981 CET49787443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.892343998 CET49788443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.892393112 CET44349788162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.892452002 CET49788443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.892745972 CET49789443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.892762899 CET44349789172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.892942905 CET49789443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.899939060 CET49787443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.899955988 CET4434978713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.901171923 CET49790443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.901220083 CET4434979013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.901283979 CET49790443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.901463032 CET49790443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.901473999 CET4434979013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.951735020 CET49788443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.951761961 CET44349788162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.952068090 CET49789443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.952092886 CET44349789172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.953310966 CET49791443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.953355074 CET4434979113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.953628063 CET49791443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.964051962 CET49792443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.964087963 CET4434979213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.964267969 CET49792443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.965771914 CET49793443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.965796947 CET4434979313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.965974092 CET49793443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.966167927 CET49791443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.966192007 CET4434979113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.967700958 CET49792443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.967715025 CET4434979213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.970568895 CET49793443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.970582008 CET4434979313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.983666897 CET49798443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.983679056 CET44349798162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.983735085 CET49798443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.985405922 CET49798443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.985420942 CET44349798162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:46.285787106 CET49801443192.168.2.594.245.104.56
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:46.285836935 CET4434980194.245.104.56192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:46.286161900 CET49801443192.168.2.594.245.104.56
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:46.321242094 CET49801443192.168.2.594.245.104.56
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:46.321260929 CET4434980194.245.104.56192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:46.536465883 CET49802443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:46.536528111 CET44349802162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:46.536803007 CET49802443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:46.537013054 CET49802443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:46.537029982 CET44349802162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:46.573108912 CET49803443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:46.573157072 CET44349803172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:46.573312044 CET49803443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:46.573698044 CET49803443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:46.573714018 CET44349803172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:46.656404018 CET49804443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:46.656439066 CET44349804162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:46.656627893 CET49804443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:46.755058050 CET49804443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:46.755100965 CET44349804162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.217113018 CET44349789172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.221771955 CET49789443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.221820116 CET44349789172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.223306894 CET44349789172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.223375082 CET49789443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.250763893 CET49789443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.250924110 CET44349789172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.253793001 CET44349788162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.259807110 CET49788443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.259840012 CET44349788162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.260063887 CET49789443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.260106087 CET44349789172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.260848999 CET44349788162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.260910034 CET49788443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.267478943 CET49788443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.267546892 CET44349788162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.267726898 CET49788443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.269709110 CET44349762142.250.181.100192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.269793987 CET49762443192.168.2.5142.250.181.100
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.286473036 CET44349798162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.286869049 CET49798443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.286894083 CET44349798162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.288342953 CET44349798162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.288402081 CET49798443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.289499998 CET49798443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.289586067 CET44349798162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.290108919 CET49798443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.290117979 CET44349798162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.315346956 CET44349788162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.341938972 CET49798443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.341943979 CET49789443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.397730112 CET49788443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.397747040 CET44349788162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.420099974 CET49805443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.420161963 CET4434980520.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.420233965 CET49805443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.421427011 CET49805443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.421446085 CET4434980520.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.502170086 CET49788443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.607554913 CET49767443192.168.2.5142.250.181.100
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.607697964 CET49768443192.168.2.5142.250.181.100
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.607733965 CET49766443192.168.2.5142.250.181.100
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.607760906 CET49762443192.168.2.5142.250.181.100
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.654424906 CET44349789172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.654500961 CET44349789172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.654783964 CET49789443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.655441999 CET49789443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.655452013 CET44349789172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.683470964 CET4434979213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.695533991 CET4434979013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.696162939 CET49792443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.696186066 CET4434979213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.696651936 CET49790443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.696683884 CET4434979013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.696840048 CET49792443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.696844101 CET4434979213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.697238922 CET49790443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.697246075 CET4434979013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.708158970 CET44349788162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.708235979 CET44349788162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.708381891 CET49788443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.708512068 CET49788443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.708522081 CET44349788162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.739995003 CET44349798162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.740077019 CET44349798162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.740217924 CET49798443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.740294933 CET49798443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.740302086 CET44349798162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.751979113 CET4434979113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.752302885 CET4434978713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.752662897 CET49791443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.752691984 CET4434979113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.753519058 CET49791443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.753524065 CET4434979113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.754187107 CET49787443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.754219055 CET4434978713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.754646063 CET49787443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.754651070 CET4434978713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.794460058 CET44349802162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.794718027 CET49802443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.794744015 CET44349802162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.796205997 CET44349802162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.796264887 CET49802443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.796680927 CET49802443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.796777964 CET44349802162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.797144890 CET49802443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.816155910 CET4434979313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.816706896 CET49793443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.816737890 CET4434979313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.817389965 CET49793443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.817394972 CET4434979313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.843373060 CET44349802162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.874054909 CET49802443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.874072075 CET44349802162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.874814987 CET44349803172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.893241882 CET49803443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.893261909 CET44349803172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.894324064 CET44349803172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.894401073 CET49803443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.897588015 CET49803443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.897651911 CET44349803172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.978329897 CET49802443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.993982077 CET49803443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:47.994002104 CET44349803172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:48.021725893 CET44349804162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:48.083225965 CET4434980194.245.104.56192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:48.103364944 CET49803443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:48.103365898 CET49804443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:48.156244040 CET4434979213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:48.156335115 CET4434979213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:48.156436920 CET49792443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:48.156688929 CET49792443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:48.156688929 CET49792443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:48.156706095 CET4434979213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:48.156714916 CET4434979213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:48.159914017 CET49807443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:48.159970999 CET4434980713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:48.160243988 CET49807443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:48.160438061 CET49807443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:48.160475016 CET4434980713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:48.161950111 CET49803443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:48.162060022 CET49801443192.168.2.594.245.104.56
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:48.162098885 CET49802443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:48.162218094 CET49804443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:48.180620909 CET4434979013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:48.180779934 CET4434979013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:48.180849075 CET49790443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:48.181030989 CET49790443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:48.181047916 CET4434979013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:48.181058884 CET49790443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:48.181065083 CET4434979013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:48.185496092 CET49808443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:48.185528040 CET4434980813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:48.187098980 CET49808443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:48.187263012 CET49808443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:48.187277079 CET4434980813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:48.238522053 CET4434979113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:48.238713026 CET4434979113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:48.238800049 CET49791443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:48.238923073 CET49791443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:48.238977909 CET4434979113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:48.239029884 CET49791443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:48.239048004 CET4434979113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:48.242084026 CET49809443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:48.242132902 CET4434980913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:48.242203951 CET49809443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:48.242394924 CET49809443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:48.242413044 CET4434980913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:48.247725010 CET4434978713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:48.247894049 CET4434978713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:48.248001099 CET49787443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:48.248125076 CET49787443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:48.248143911 CET4434978713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:48.248157024 CET49787443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:48.248162031 CET4434978713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:48.250931025 CET49810443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:48.250952959 CET4434981013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:48.251142025 CET49810443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:48.251282930 CET49810443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:48.251296043 CET4434981013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:48.290045023 CET4434979313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:48.290138960 CET4434979313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:48.290239096 CET49793443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:48.290656090 CET49793443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:48.290656090 CET49793443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:48.290664911 CET4434979313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:48.290673971 CET4434979313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:48.299133062 CET49811443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:48.299173117 CET4434981113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:48.299299002 CET49811443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:48.299613953 CET49811443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:48.299632072 CET4434981113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:49.237768888 CET4434980520.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:49.237859011 CET49805443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:49.316225052 CET49805443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:49.316243887 CET4434980520.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:49.316610098 CET4434980520.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:49.319878101 CET49805443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:49.319878101 CET49805443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:49.319911957 CET4434980520.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:49.944845915 CET4434980713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:49.968086004 CET4434980813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:49.983217955 CET49807443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:49.983234882 CET4434980713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:49.983732939 CET49807443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:49.983741045 CET4434980713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:49.984543085 CET49808443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:49.984572887 CET4434980813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:49.985016108 CET49808443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:49.985025883 CET4434980813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.025295973 CET4434980913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.073517084 CET49809443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.073539019 CET4434980913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.074018955 CET49809443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.074027061 CET4434980913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.080642939 CET4434981113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.087660074 CET49811443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.087675095 CET4434981113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.088509083 CET49811443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.088515043 CET4434981113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.090828896 CET4434980520.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.091029882 CET4434980520.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.091115952 CET49805443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.103502035 CET4434981013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.110951900 CET49810443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.110976934 CET4434981013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.111519098 CET49810443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.111525059 CET4434981013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.122381926 CET49805443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.122381926 CET49805443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.122406006 CET4434980520.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.122419119 CET4434980520.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.260696888 CET49814443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.260759115 CET4434981420.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.260864019 CET49814443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.261069059 CET49814443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.261082888 CET4434981420.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.390733004 CET4434980713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.390801907 CET4434980713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.391050100 CET49807443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.391120911 CET49807443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.391144037 CET4434980713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.391155005 CET49807443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.391160965 CET4434980713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.394166946 CET49815443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.394212008 CET4434981513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.394290924 CET49815443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.394432068 CET49815443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.394444942 CET4434981513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.411695957 CET4434980813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.411868095 CET4434980813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.411966085 CET49808443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.413222075 CET49808443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.413245916 CET4434980813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.415654898 CET49816443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.415702105 CET4434981620.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.415818930 CET49816443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.416048050 CET49816443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.416066885 CET4434981620.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.416765928 CET49817443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.416801929 CET4434981713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.416912079 CET49817443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.417037964 CET49817443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.417051077 CET4434981713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.471151114 CET4434980913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.471338034 CET4434980913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.471393108 CET49809443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.471438885 CET49809443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.471456051 CET4434980913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.471470118 CET49809443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.471477985 CET4434980913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.473902941 CET49818443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.473947048 CET4434981813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.475001097 CET49818443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.475126028 CET49818443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.475148916 CET4434981813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.559596062 CET4434981013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.559612989 CET4434981113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.559664965 CET4434981013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.559688091 CET4434981113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.559745073 CET49810443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.559807062 CET49811443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.580727100 CET49810443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.580743074 CET4434981013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.580755949 CET49810443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.580761909 CET4434981013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.582011938 CET49811443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.582011938 CET49811443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.582029104 CET4434981113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.582040071 CET4434981113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.604623079 CET49819443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.604655981 CET4434981913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.604924917 CET49819443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.605835915 CET49820443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.605875969 CET4434982013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.605968952 CET49820443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.606389999 CET49819443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.606403112 CET4434981913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.606496096 CET49820443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:50.606514931 CET4434982013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.108710051 CET4434981513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.109368086 CET49815443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.109390020 CET4434981513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.109935045 CET49815443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.109941959 CET4434981513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.148631096 CET4434981420.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.149251938 CET49814443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.149271965 CET4434981420.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.150013924 CET49814443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.150018930 CET4434981420.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.150048018 CET49814443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.150055885 CET4434981420.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.200769901 CET4434981620.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.201435089 CET49816443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.201462030 CET4434981620.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.202037096 CET49816443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.202044010 CET4434981620.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.202073097 CET49816443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.202085018 CET4434981620.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.203461885 CET4434981713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.203948021 CET49817443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.203973055 CET4434981713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.204408884 CET49817443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.204413891 CET4434981713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.273905039 CET4434981813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.274832964 CET49818443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.274852991 CET4434981813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.276196957 CET49818443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.276206017 CET4434981813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.327795982 CET4434982013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.329166889 CET49820443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.329205990 CET4434982013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.330143929 CET49820443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.330152035 CET4434982013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.391383886 CET4434981913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.392771959 CET49819443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.392791033 CET4434981913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.393764019 CET49819443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.393779993 CET4434981913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.543390989 CET4434981513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.543462992 CET4434981513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.543608904 CET49815443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.579056025 CET49815443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.579083920 CET4434981513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.579097033 CET49815443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.579104900 CET4434981513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.582958937 CET49822443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.583022118 CET4434982213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.583108902 CET49822443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.583256960 CET49822443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.583276987 CET4434982213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.647831917 CET4434981713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.647914886 CET4434981713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.648015976 CET49817443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.702040911 CET49817443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.702064991 CET4434981713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.702126026 CET49817443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.702135086 CET4434981713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.716861963 CET4434981813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.716947079 CET4434981813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.717046976 CET49818443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.765786886 CET4434982013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.765853882 CET4434982013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.765994072 CET49820443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.842027903 CET4434981913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.842181921 CET4434981913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.842272043 CET49819443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.843267918 CET4434981420.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.843521118 CET4434981420.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.843622923 CET49814443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.902400017 CET49819443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.902400017 CET49819443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.902417898 CET4434981913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.902427912 CET4434981913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.903654099 CET49818443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.903686047 CET4434981813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.903721094 CET49818443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.903729916 CET4434981813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.906178951 CET49823443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.906227112 CET4434982313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.906308889 CET49823443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.908536911 CET49820443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.908560991 CET4434982013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.908596039 CET49820443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.908602953 CET4434982013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.911701918 CET49814443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.911701918 CET49814443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.911720991 CET4434981420.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.911731958 CET4434981420.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.913829088 CET49823443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.913841009 CET4434982313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.916425943 CET49824443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.916474104 CET4434982413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.916559935 CET49824443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.916723013 CET49824443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.916743040 CET4434982413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.919066906 CET49825443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.919097900 CET4434982513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.919173956 CET49825443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.919306040 CET49825443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.919323921 CET4434982513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.919811010 CET49826443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.919840097 CET4434982613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.920274973 CET49826443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.920453072 CET49826443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:52.920471907 CET4434982613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:54.367530107 CET4434982213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:54.368693113 CET49822443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:54.368727922 CET4434982213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:54.369844913 CET49822443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:54.369851112 CET4434982213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:54.699671030 CET4434982313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:54.699975014 CET4434982613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:54.700192928 CET49823443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:54.700206995 CET4434982313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:54.700443983 CET49826443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:54.700465918 CET4434982613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:54.701128006 CET49826443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:54.701133966 CET4434982613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:54.701227903 CET49823443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:54.701236010 CET4434982313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:54.703058004 CET4434982413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:54.703413963 CET49824443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:54.703429937 CET4434982413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:54.703819990 CET49824443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:54.703825951 CET4434982413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:54.792522907 CET4434982513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:54.792975903 CET49825443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:54.793035030 CET4434982513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:54.793437958 CET49825443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:54.793454885 CET4434982513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:54.810921907 CET4434982213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:54.810998917 CET4434982213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:54.811079979 CET49822443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:54.811463118 CET49822443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:54.811487913 CET4434982213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:54.811501026 CET49822443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:54.811506987 CET4434982213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:54.826471090 CET49828443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:54.826517105 CET4434982813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:54.827224970 CET49828443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:54.827384949 CET49828443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:54.827399015 CET4434982813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:55.141611099 CET4434982313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:55.141803980 CET4434982313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:55.141910076 CET49823443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:55.142591000 CET49823443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:55.142616034 CET4434982313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:55.142631054 CET49823443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:55.142638922 CET4434982313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:55.147092104 CET4434982413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:55.147243023 CET4434982413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:55.147434950 CET49824443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:55.148114920 CET49829443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:55.148220062 CET4434982913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:55.148344040 CET49829443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:55.148564100 CET49824443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:55.148577929 CET4434982413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:55.148607016 CET49824443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:55.148613930 CET4434982413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:55.150021076 CET49829443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:55.150072098 CET4434982913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:55.151154041 CET4434982613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:55.151233912 CET4434982613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:55.151393890 CET49826443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:55.159548044 CET49826443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:55.159554958 CET4434982613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:55.164099932 CET49830443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:55.164130926 CET4434983013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:55.164273024 CET49830443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:55.166238070 CET49831443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:55.166264057 CET4434983113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:55.166338921 CET49831443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:55.166843891 CET49831443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:55.166870117 CET4434983113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:55.167244911 CET49830443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:55.167263985 CET4434983013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:55.245346069 CET4434982513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:55.245435953 CET4434982513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:55.245657921 CET49825443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:55.249835014 CET49825443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:55.249874115 CET4434982513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:55.253716946 CET49832443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:55.253735065 CET4434983213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:55.253829956 CET49832443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:55.254296064 CET49832443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:55.254312992 CET4434983213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:56.671586037 CET4434982813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:56.680632114 CET49828443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:56.680654049 CET4434982813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:56.681155920 CET49828443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:56.681164026 CET4434982813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:56.930577993 CET4434982913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:56.931329966 CET49829443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:56.931377888 CET4434982913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:56.932459116 CET49829443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:56.932482004 CET4434982913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:56.968282938 CET4434983213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:56.969801903 CET49832443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:56.969856977 CET4434983213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:56.971231937 CET49832443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:56.971247911 CET4434983213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.013550043 CET4434983113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.014030933 CET49831443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.014074087 CET4434983113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.014624119 CET49831443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.014635086 CET4434983113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.019210100 CET4434983013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.019684076 CET49830443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.019715071 CET4434983013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.020275116 CET49830443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.020282030 CET4434983013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.126698971 CET4434982813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.126782894 CET4434982813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.126853943 CET49828443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.127139091 CET49828443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.127161026 CET4434982813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.127171993 CET49828443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.127177954 CET4434982813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.131948948 CET49834443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.131994009 CET4434983413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.135128021 CET49834443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.135303974 CET49834443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.135323048 CET4434983413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.494512081 CET4434982913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.494694948 CET4434982913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.494841099 CET49829443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.494935989 CET49829443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.494935989 CET49829443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.494997978 CET4434982913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.495026112 CET4434982913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.498255014 CET49835443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.498292923 CET4434983513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.498402119 CET49835443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.498629093 CET49835443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.498644114 CET4434983513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.566387892 CET4434983213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.566471100 CET4434983213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.566689014 CET49832443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.566796064 CET49832443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.566796064 CET49832443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.566845894 CET4434983213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.566871881 CET4434983213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.569917917 CET49836443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.570017099 CET4434983613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.570103884 CET49836443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.570306063 CET49836443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.570342064 CET4434983613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.584441900 CET4434983113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.584610939 CET4434983113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.584686041 CET49831443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.584734917 CET49831443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.584734917 CET49831443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.584764957 CET4434983113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.584786892 CET4434983113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.585783005 CET4434983013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.585949898 CET4434983013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.586051941 CET49830443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.586082935 CET49830443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.586095095 CET4434983013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.587960958 CET49837443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.587991953 CET4434983713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.588074923 CET49837443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.588248014 CET49837443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.588260889 CET4434983713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.589102983 CET49838443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.589165926 CET4434983813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.589258909 CET49838443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.589445114 CET49838443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.589481115 CET4434983813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.829554081 CET4434981620.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.829595089 CET4434981620.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.829613924 CET4434981620.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.829807043 CET49816443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.829807043 CET49816443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.829881907 CET4434981620.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.829973936 CET49816443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.830142975 CET49816443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.830143929 CET49816443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.830180883 CET4434981620.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:57.830205917 CET4434981620.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:58.206480980 CET49839443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:58.206522942 CET4434983920.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:58.206679106 CET49839443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:58.207067013 CET49839443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:58.207093000 CET4434983920.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:58.918406963 CET4434983413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:58.918945074 CET49834443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:58.918965101 CET4434983413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:58.919466972 CET49834443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:58.919481039 CET4434983413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.169851065 CET49841443192.168.2.520.12.23.50
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.169876099 CET4434984120.12.23.50192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.169979095 CET49841443192.168.2.520.12.23.50
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.170921087 CET49841443192.168.2.520.12.23.50
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.170936108 CET4434984120.12.23.50192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.286695004 CET4434983613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.292606115 CET49836443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.292625904 CET4434983613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.293080091 CET49836443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.293086052 CET4434983613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.311738014 CET4434983813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.312499046 CET4434983713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.312652111 CET49838443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.312696934 CET4434983813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.312922955 CET49837443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.312939882 CET4434983713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.313369989 CET49838443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.313376904 CET4434983813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.313915014 CET49837443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.313920021 CET4434983713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.343909025 CET4434983513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.344424963 CET49835443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.344435930 CET4434983513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.345002890 CET49835443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.345006943 CET4434983513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.365015984 CET4434983413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.365083933 CET4434983413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.365151882 CET49834443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.365359068 CET49834443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.365376949 CET4434983413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.365392923 CET49834443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.365400076 CET4434983413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.369718075 CET49842443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.369751930 CET4434984213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.373038054 CET49842443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.373198032 CET49842443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.373212099 CET4434984213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.731997013 CET4434983613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.732073069 CET4434983613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.732125998 CET49836443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.732158899 CET4434983613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.732238054 CET4434983613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.732306957 CET49836443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.738836050 CET49836443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.738871098 CET4434983613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.738888025 CET49836443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.738895893 CET4434983613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.746310949 CET49843443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.746360064 CET4434984313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.746448040 CET49843443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.752266884 CET4434983813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.752314091 CET4434983713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.752346039 CET4434983813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.752407074 CET49838443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.752448082 CET4434983713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.752676010 CET49837443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.753999949 CET49843443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.754023075 CET4434984313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.760581017 CET49838443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.760612965 CET4434983813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.760622978 CET49838443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.760631084 CET4434983813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.774492979 CET49837443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.774492979 CET49837443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.774522066 CET4434983713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.774533033 CET4434983713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.778917074 CET49844443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.778942108 CET4434984413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.779026031 CET49844443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.779189110 CET49844443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.779197931 CET4434984413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.797101021 CET4434983513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.797189951 CET4434983513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.797643900 CET49835443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.802294970 CET49835443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.802294970 CET49835443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.802315950 CET4434983513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.802325010 CET4434983513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.806170940 CET49845443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.806217909 CET4434984513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.806302071 CET49845443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.811598063 CET49846443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.811630964 CET4434984613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.811758995 CET49845443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.811786890 CET49846443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.811805010 CET4434984513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.812012911 CET49846443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.812024117 CET4434984613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.977569103 CET4434983920.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.981478930 CET49839443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.981504917 CET4434983920.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.984942913 CET49839443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.984952927 CET4434983920.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.985234022 CET49839443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:59.985248089 CET4434983920.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:00.793190956 CET4434984120.12.23.50192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:00.793271065 CET49841443192.168.2.520.12.23.50
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:00.794986010 CET49841443192.168.2.520.12.23.50
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:00.794994116 CET4434984120.12.23.50192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:00.795397043 CET4434984120.12.23.50192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:00.813138962 CET49841443192.168.2.520.12.23.50
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:00.855377913 CET4434984120.12.23.50192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.091553926 CET4434984213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.092124939 CET49842443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.092139006 CET4434984213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.092597008 CET49842443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.092602968 CET4434984213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.248934031 CET4434983920.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.248964071 CET4434983920.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.249006033 CET4434983920.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.249026060 CET49839443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.249047041 CET4434983920.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.249059916 CET49839443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.249475956 CET49839443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.249491930 CET4434983920.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.249563932 CET49839443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.249670982 CET4434983920.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.249720097 CET4434983920.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.249778986 CET49839443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.384509087 CET49848443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.384615898 CET4434984820.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.384713888 CET49848443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.384892941 CET49848443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.384932041 CET4434984820.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.445672989 CET4434984120.12.23.50192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.445698977 CET4434984120.12.23.50192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.445719004 CET4434984120.12.23.50192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.445776939 CET49841443192.168.2.520.12.23.50
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.445808887 CET4434984120.12.23.50192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.445827961 CET49841443192.168.2.520.12.23.50
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.445853949 CET49841443192.168.2.520.12.23.50
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.481143951 CET4434984120.12.23.50192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.481195927 CET4434984120.12.23.50192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.481244087 CET49841443192.168.2.520.12.23.50
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.481257915 CET4434984120.12.23.50192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.481282949 CET4434984120.12.23.50192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.481287003 CET49841443192.168.2.520.12.23.50
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.481339931 CET49841443192.168.2.520.12.23.50
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.481472969 CET49841443192.168.2.520.12.23.50
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.481491089 CET4434984120.12.23.50192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.481504917 CET49841443192.168.2.520.12.23.50
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.481511116 CET4434984120.12.23.50192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.533552885 CET4434984213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.533574104 CET4434984213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.533680916 CET49842443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.533699036 CET4434984213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.533968925 CET49842443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.533987045 CET4434984213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.534009933 CET49842443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.534147978 CET4434984213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.534177065 CET4434984213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.534233093 CET49842443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.537184000 CET49849443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.537225008 CET4434984913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.537317991 CET49849443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.537496090 CET49849443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.537513971 CET4434984913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.548181057 CET4434984313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.548635960 CET49843443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.548675060 CET4434984313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.549137115 CET49843443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.549149036 CET4434984313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.566081047 CET4434984413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.566471100 CET49844443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.566482067 CET4434984413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.566817999 CET49844443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.566823006 CET4434984413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.597510099 CET4434984513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.598037958 CET49845443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.598067045 CET4434984513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.598423958 CET49845443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.598428965 CET4434984513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.657989025 CET4434984613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.658328056 CET49846443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.658339024 CET4434984613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.658746958 CET49846443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.658754110 CET4434984613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.995762110 CET4434984313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.995822906 CET4434984313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.995913029 CET49843443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.995970011 CET4434984313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.996028900 CET49843443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.996290922 CET49843443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.996310949 CET4434984313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.996340036 CET49843443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.996687889 CET4434984313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.996792078 CET4434984313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.996984005 CET49843443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.999283075 CET49850443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.999324083 CET4434985013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.999408960 CET49850443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.999577999 CET49850443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:01.999600887 CET4434985013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:02.013200998 CET4434984413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:02.013257027 CET4434984413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:02.013434887 CET49844443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:02.013446093 CET4434984413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:02.013562918 CET49844443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:02.013562918 CET49844443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:02.013580084 CET4434984413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:02.013926029 CET4434984413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:02.014025927 CET4434984413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:02.014184952 CET49844443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:02.016021013 CET49851443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:02.016067028 CET4434985113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:02.016136885 CET49851443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:02.016304970 CET49851443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:02.016324043 CET4434985113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:02.042812109 CET4434984513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:02.045614004 CET4434984513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:02.045671940 CET49845443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:02.045721054 CET49845443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:02.045733929 CET4434984513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:02.045744896 CET49845443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:02.045751095 CET4434984513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:02.048257113 CET49852443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:02.048332930 CET4434985213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:02.048458099 CET49852443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:02.048605919 CET49852443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:02.048641920 CET4434985213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:02.110395908 CET4434984613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:02.113811970 CET4434984613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:02.113893986 CET49846443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:02.113946915 CET49846443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:02.113962889 CET4434984613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:02.114003897 CET49846443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:02.114012003 CET4434984613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:02.116560936 CET49853443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:02.116628885 CET4434985313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:02.116698027 CET49853443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:02.116838932 CET49853443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:02.116861105 CET4434985313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:03.212372065 CET4434984820.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:03.259566069 CET49848443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:03.305006981 CET49848443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:03.305022001 CET4434984820.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:03.305557013 CET49848443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:03.305562973 CET4434984820.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:03.305597067 CET49848443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:03.305605888 CET4434984820.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:03.315632105 CET4434984913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:03.368974924 CET49849443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:03.393728971 CET49849443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:03.393757105 CET4434984913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:03.394469023 CET49849443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:03.394474983 CET4434984913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:03.758754969 CET4434984913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:03.758877993 CET4434984913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:03.758927107 CET49849443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:03.767551899 CET4434985213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:03.784162998 CET4434985013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:03.806189060 CET4434985113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:03.808866978 CET49852443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:03.824665070 CET49850443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:03.848496914 CET49851443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:03.897362947 CET4434985313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:03.945631027 CET49853443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.005364895 CET49853443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.005382061 CET4434985313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.005976915 CET49853443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.005985022 CET4434985313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.006221056 CET49849443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.006222010 CET49849443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.006275892 CET4434984913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.006284952 CET4434984913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.099474907 CET49852443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.099508047 CET4434985213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.100474119 CET49852443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.100481033 CET4434985213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.101428032 CET49850443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.101460934 CET4434985013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.101860046 CET49850443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.101866961 CET4434985013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.103319883 CET49851443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.103338003 CET4434985113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.103988886 CET49851443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.103993893 CET4434985113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.107995987 CET4434984820.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.108026981 CET4434984820.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.108036995 CET4434984820.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.108083010 CET4434984820.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.108091116 CET49848443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.108112097 CET4434984820.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.108129978 CET49848443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.115417957 CET4434984820.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.115489960 CET49848443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.229969025 CET49848443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.229969025 CET49848443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.229990005 CET4434984820.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.229999065 CET4434984820.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.341361046 CET4434985313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.344487906 CET4434985313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.344568014 CET49853443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.415620089 CET4434985213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.418579102 CET4434985213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.418742895 CET49852443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.426809072 CET4434985013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.429446936 CET4434985113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.429867983 CET4434985013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.429938078 CET49850443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.432549000 CET4434985113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.432629108 CET49851443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.513284922 CET49853443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.513317108 CET4434985313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.513329029 CET49853443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.513336897 CET4434985313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.556039095 CET49852443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.556070089 CET4434985213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.556111097 CET49852443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.556118965 CET4434985213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.557503939 CET49850443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.557552099 CET4434985013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.557569981 CET49850443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.557579041 CET4434985013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.565404892 CET49851443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.565442085 CET4434985113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.565462112 CET49851443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.565468073 CET4434985113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.598181009 CET49862443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.598212957 CET4434986213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.598382950 CET49862443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.630338907 CET49862443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.630367041 CET4434986213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.677787066 CET49863443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.677845955 CET4434986313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.677959919 CET49863443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.680139065 CET49863443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.680161953 CET4434986313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.681442976 CET49864443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.681493044 CET4434986413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.683062077 CET49865443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.683109045 CET49864443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.683120966 CET4434986513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.683305025 CET49864443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.683325052 CET4434986413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.683342934 CET49865443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.685406923 CET49866443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.685420990 CET4434986613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.685493946 CET49866443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.685681105 CET49866443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.685694933 CET4434986613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.685880899 CET49865443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.685909986 CET4434986513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:05.033838987 CET49867443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:05.033881903 CET4434986720.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:05.033987999 CET49867443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:05.034223080 CET49867443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:05.034240007 CET4434986720.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.466870070 CET4434986413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.467346907 CET49864443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.467363119 CET4434986413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.468058109 CET49864443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.468065023 CET4434986413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.469222069 CET4434986613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.470402956 CET49866443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.470421076 CET4434986613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.471113920 CET49866443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.471120119 CET4434986613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.476934910 CET4434986213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.477369070 CET49862443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.477396011 CET4434986213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.478214979 CET49862443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.478239059 CET4434986213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.532521963 CET4434986313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.532886982 CET49863443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.532915115 CET4434986313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.533282995 CET49863443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.533288002 CET4434986313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.538189888 CET4434986513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.540328979 CET49865443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.540343046 CET4434986513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.540745974 CET49865443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.540750027 CET4434986513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.870991945 CET4434986720.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.871076107 CET49867443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.881220102 CET49867443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.881241083 CET4434986720.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.881994963 CET4434986720.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.883078098 CET49867443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.883116961 CET49867443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.883140087 CET4434986720.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.920902014 CET4434986413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.923846960 CET4434986613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.923990965 CET4434986413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.924110889 CET4434986413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.924181938 CET49864443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.924942017 CET49864443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.924988031 CET4434986413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.925017118 CET49864443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.925034046 CET4434986413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.926950932 CET4434986613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.927026987 CET49866443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.929558992 CET49866443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.929558992 CET49866443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.929565907 CET4434986613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.929577112 CET4434986613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.930460930 CET49869443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.930490017 CET4434986913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.930563927 CET49869443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.930761099 CET49869443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.930773020 CET4434986913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.931732893 CET49870443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.931823015 CET4434987013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.931919098 CET49870443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.932012081 CET49870443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.932046890 CET4434987013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.941701889 CET4434986213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.944684029 CET4434986213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.946212053 CET49862443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.946408033 CET49862443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.946439028 CET4434986213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.946456909 CET49862443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.946466923 CET4434986213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.948468924 CET49871443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.948481083 CET4434987113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.948560953 CET49871443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.948729992 CET49871443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.948740005 CET4434987113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.993380070 CET4434986313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.996557951 CET4434986313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.996613026 CET49863443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:06.998043060 CET4434986513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:07.001441956 CET4434986513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:07.001512051 CET49865443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:07.003408909 CET49863443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:07.003429890 CET4434986313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:07.003441095 CET49863443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:07.003447056 CET4434986313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:07.005315065 CET49865443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:07.005326033 CET4434986513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:07.005383015 CET49865443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:07.005390882 CET4434986513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:07.019586086 CET49872443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:07.019608021 CET4434987213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:07.019712925 CET49872443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:07.027199984 CET49873443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:07.027270079 CET4434987313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:07.027395964 CET49873443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:07.030109882 CET49872443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:07.030122042 CET4434987213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:07.031485081 CET49873443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:07.031506062 CET4434987313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:07.602387905 CET4434986720.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:07.602401972 CET4434986720.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:07.602493048 CET4434986720.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:07.602490902 CET49867443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:07.602535963 CET49867443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:07.602866888 CET49867443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:07.602866888 CET49867443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:07.602890968 CET4434986720.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:07.602904081 CET4434986720.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:07.839157104 CET49874443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:07.839194059 CET4434987420.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:07.839370012 CET49874443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:07.839685917 CET49874443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:07.839705944 CET4434987420.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:07.872793913 CET49875443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:07.872827053 CET4434987520.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:07.872899055 CET49875443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:07.873065948 CET49875443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:07.873078108 CET4434987520.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:08.667133093 CET4434987013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:08.680363894 CET49870443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:08.680404902 CET4434987013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:08.680955887 CET49870443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:08.680964947 CET4434987013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:08.721736908 CET4434987113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:08.722354889 CET49871443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:08.722372055 CET4434987113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:08.722668886 CET49871443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:08.722676039 CET4434987113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:08.767210960 CET4434987313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:08.768644094 CET49873443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:08.768678904 CET4434987313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:08.770453930 CET49873443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:08.770462036 CET4434987313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:08.797789097 CET4434986913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:08.799031973 CET49869443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:08.799051046 CET4434986913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:08.799489021 CET49869443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:08.799508095 CET4434986913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:08.895761013 CET4434987213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:08.904048920 CET49872443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:08.904063940 CET4434987213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:08.904829025 CET49872443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:08.904839039 CET4434987213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.101281881 CET4434987013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.101342916 CET4434987013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.101419926 CET49870443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.101756096 CET49870443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.101784945 CET4434987013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.101803064 CET49870443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.101809978 CET4434987013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.105082989 CET49877443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.105118990 CET4434987713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.105204105 CET49877443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.105443001 CET49877443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.105460882 CET4434987713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.155096054 CET4434987113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.158153057 CET4434987113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.158252954 CET49871443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.158468008 CET49871443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.158483028 CET4434987113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.158503056 CET49871443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.158512115 CET4434987113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.162791014 CET49878443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.162812948 CET4434987813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.163033962 CET49878443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.163083076 CET49878443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.163091898 CET4434987813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.205147982 CET4434987313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.208116055 CET4434987313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.208237886 CET4434987313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.208278894 CET49873443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.208298922 CET49873443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.208395958 CET49873443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.208420038 CET4434987313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.213713884 CET49879443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.213757992 CET4434987913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.213907957 CET49879443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.215157032 CET49879443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.215173006 CET4434987913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.250186920 CET4434986913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.253218889 CET4434986913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.253283978 CET4434986913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.253304958 CET49869443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.253396034 CET49869443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.253509998 CET49869443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.253509998 CET49869443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.253525972 CET4434986913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.253537893 CET4434986913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.256520987 CET49880443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.256567955 CET4434988013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.256633043 CET49880443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.256815910 CET49880443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.256831884 CET4434988013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.348829031 CET4434987213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.348929882 CET4434987213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.348994017 CET49872443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.349195004 CET49872443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.349195004 CET49872443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.349210978 CET4434987213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.349219084 CET4434987213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.352058887 CET49881443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.352111101 CET4434988113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.352191925 CET49881443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.352350950 CET49881443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.352372885 CET4434988113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.694073915 CET4434987520.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.694672108 CET49875443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.694686890 CET4434987520.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.695554972 CET49875443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.695554972 CET49875443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.695563078 CET4434987520.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.695574999 CET4434987520.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.695583105 CET49875443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.695589066 CET4434987520.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.714795113 CET4434987420.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.715265036 CET49874443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.715300083 CET4434987420.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.715848923 CET49874443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.715858936 CET4434987420.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.715904951 CET49874443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:09.715946913 CET4434987420.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:10.385914087 CET4434987520.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:10.385931015 CET4434987520.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:10.386009932 CET4434987520.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:10.386009932 CET49875443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:10.386231899 CET49875443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:10.412127972 CET49875443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:10.412154913 CET4434987520.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:10.412168026 CET49875443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:10.412173986 CET4434987520.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:10.570821047 CET4434987420.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:10.570857048 CET4434987420.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:10.570900917 CET4434987420.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:10.570971012 CET49874443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:10.570971012 CET49874443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:10.571008921 CET4434987420.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:10.578325033 CET4434987420.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:10.579166889 CET49874443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:10.886034012 CET49874443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:10.886070013 CET4434987420.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:10.886090994 CET49874443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:10.886099100 CET4434987420.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:10.902537107 CET4434987713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:10.944397926 CET49877443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:10.944427967 CET4434987713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:10.944855928 CET49877443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:10.944863081 CET4434987713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:11.035911083 CET4434987813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:11.051636934 CET49878443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:11.051644087 CET4434987813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:11.052195072 CET49878443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:11.052200079 CET4434987813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:11.082612038 CET4434987913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:11.083359957 CET49879443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:11.083416939 CET4434987913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:11.084319115 CET49879443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:11.084326982 CET4434987913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:11.115457058 CET4434988013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:11.116905928 CET49880443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:11.116939068 CET4434988013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:11.117788076 CET49880443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:11.117795944 CET4434988013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:11.138494968 CET4434988113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:11.138858080 CET49881443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:11.138885975 CET4434988113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:11.139272928 CET49881443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:11.139278889 CET4434988113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:11.345005989 CET4434987713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:11.348644972 CET4434987713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:11.348747969 CET49877443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:11.489419937 CET4434987813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:11.492547989 CET4434987813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:11.492928028 CET49878443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:11.539963961 CET4434987913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:11.540138006 CET4434987913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:11.540209055 CET49879443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:11.569936037 CET4434988013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:11.574902058 CET4434988013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:11.574965000 CET4434988013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:11.575033903 CET49880443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:11.590243101 CET4434988113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:11.593432903 CET4434988113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:11.593486071 CET49881443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:11.779807091 CET49880443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:11.779807091 CET49880443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:11.779877901 CET4434988013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:11.779891968 CET4434988013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:11.791044950 CET49881443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:11.791083097 CET4434988113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:11.791096926 CET49881443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:11.791105986 CET4434988113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:11.808887005 CET49877443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:11.808919907 CET4434987713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:11.810753107 CET49878443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:11.810770988 CET4434987813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:11.810781002 CET49878443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:11.810786963 CET4434987813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:11.812483072 CET49879443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:11.812494993 CET4434987913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:11.812508106 CET49879443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:11.812515020 CET4434987913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:12.232471943 CET49889443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:12.232507944 CET4434988913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:12.232568026 CET49889443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:12.233632088 CET49890443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:12.233670950 CET4434989013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:12.233748913 CET49890443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:12.241389036 CET49891443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:12.241405010 CET4434989113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:12.241477966 CET49891443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:12.247932911 CET49892443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:12.247971058 CET4434989213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:12.248049021 CET49892443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:12.248301029 CET49889443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:12.248323917 CET4434988913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:12.248756886 CET49890443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:12.248774052 CET4434989013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:12.249408007 CET49893443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:12.249440908 CET4434989313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:12.249496937 CET49893443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:12.249545097 CET49891443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:12.249558926 CET4434989113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:12.249710083 CET49893443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:12.249739885 CET4434989313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:12.252068043 CET49892443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:12.252078056 CET4434989213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:12.253878117 CET49894443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:12.253904104 CET4434989420.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:12.253973007 CET49894443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:12.254441023 CET49894443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:12.254456997 CET4434989420.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:12.667574883 CET49896443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:12.667596102 CET44349896172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:12.667701006 CET49896443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:12.668073893 CET49896443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:12.668082952 CET44349896172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:12.669120073 CET49897443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:12.669153929 CET44349897162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:12.669287920 CET49897443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:12.669606924 CET49897443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:12.669624090 CET44349897162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:12.672466040 CET49898443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:12.672506094 CET44349898162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:12.672568083 CET49898443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:12.673706055 CET49898443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:12.673721075 CET44349898162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:13.207079887 CET49900443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:13.207115889 CET44349900149.154.167.220192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:13.207345963 CET49900443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:13.207885981 CET49900443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:13.207897902 CET44349900149.154.167.220192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:13.410466909 CET49902443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:13.410510063 CET44349902162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:13.410676003 CET49902443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:13.411348104 CET49902443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:13.411365032 CET44349902162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:13.443434954 CET49903443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:13.443460941 CET44349903162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:13.443591118 CET49903443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:13.443802118 CET49903443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:13.443815947 CET44349903162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:13.525532007 CET49904443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:13.525572062 CET44349904172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:13.525769949 CET49904443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:13.526041031 CET49904443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:13.526057005 CET44349904172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:13.880145073 CET44349897162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:13.881253004 CET49897443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:13.881278992 CET44349897162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:13.882966042 CET44349897162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:13.883027077 CET49897443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:13.884387016 CET49897443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:13.884478092 CET44349897162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:13.884952068 CET49897443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:13.884963036 CET44349897162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:13.924911022 CET44349896172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:13.930057049 CET49896443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:13.930071115 CET44349896172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:13.931515932 CET44349896172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:13.931598902 CET49896443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:13.932687998 CET49896443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:13.932766914 CET44349896172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:13.932971001 CET49896443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:13.932980061 CET44349896172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:13.983792067 CET44349898162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:13.984142065 CET49898443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:13.984185934 CET44349898162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:13.985563993 CET44349898162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:13.985641956 CET49898443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:13.986810923 CET49898443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:13.986885071 CET44349898162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:13.987134933 CET49898443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:13.987147093 CET44349898162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.005513906 CET49896443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.033304930 CET4434989213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.035945892 CET49892443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.035974026 CET4434989213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.037393093 CET49892443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.037400961 CET4434989213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.038050890 CET4434989313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.039619923 CET49893443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.039709091 CET4434989313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.040138960 CET49893443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.040155888 CET4434989313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.062547922 CET49897443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.072170019 CET4434989420.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.102904081 CET4434988913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.104178905 CET4434989113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.107793093 CET4434989013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.179832935 CET49890443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.194808960 CET49898443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.196971893 CET49889443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.196971893 CET49891443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.196993113 CET49894443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.208982944 CET49909443192.168.2.5172.217.19.225
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.209027052 CET44349909172.217.19.225192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.209095955 CET49909443192.168.2.5172.217.19.225
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.209345102 CET49909443192.168.2.5172.217.19.225
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.209361076 CET44349909172.217.19.225192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.224890947 CET49894443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.224915981 CET4434989420.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.226136923 CET49894443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.226144075 CET4434989420.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.226182938 CET49894443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.226193905 CET4434989420.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.315614939 CET44349897162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.315718889 CET44349897162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.315803051 CET49897443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.369609118 CET44349896172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.369693995 CET44349896172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.369795084 CET49896443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.437803030 CET44349898162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.437900066 CET44349898162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.438000917 CET49898443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.475722075 CET4434989213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.479279041 CET4434989213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.479357004 CET4434989213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.479430914 CET49892443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.480384111 CET4434989313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.483450890 CET4434989313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.487040043 CET49893443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.581131935 CET44349900149.154.167.220192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.584192991 CET49900443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.584214926 CET44349900149.154.167.220192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.584955931 CET49897443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.584981918 CET44349897162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.585725069 CET49896443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.585745096 CET44349896172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.585983038 CET44349900149.154.167.220192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.586040974 CET49900443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.587768078 CET49900443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.587960005 CET44349900149.154.167.220192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.588016987 CET49900443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.590826988 CET49900443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.594331026 CET49910443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.594372988 CET44349910149.154.167.220192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.594599962 CET49898443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.594615936 CET44349898162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.594615936 CET49910443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.595880032 CET49910443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.595897913 CET44349910149.154.167.220192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.608805895 CET49889443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.608823061 CET4434988913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.609481096 CET49889443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.609488010 CET4434988913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.609711885 CET49893443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.609728098 CET4434989313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.609761000 CET49893443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.609766960 CET4434989313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.610814095 CET49891443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.610830069 CET4434989113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.611654043 CET49891443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.611659050 CET4434989113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.612543106 CET49890443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.612561941 CET4434989013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.613151073 CET49890443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.613157988 CET4434989013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.655472994 CET44349903162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.700351000 CET49892443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.700368881 CET4434989213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.700382948 CET49892443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.700391054 CET4434989213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.712970018 CET44349902162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.735296011 CET44349904172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.761414051 CET49903443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.761442900 CET44349903162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.762362957 CET49902443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.762387991 CET44349902162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.762618065 CET49904443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.762633085 CET44349904172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.763642073 CET44349902162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.763715029 CET49902443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.764121056 CET44349903162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.764133930 CET44349903162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.764189005 CET49903443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.764286041 CET49902443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.764360905 CET44349902162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.764565945 CET49903443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.764640093 CET44349903162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.765310049 CET49903443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.765319109 CET44349903162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.766083956 CET44349904172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.766161919 CET49904443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.766630888 CET49904443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.766733885 CET49904443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.766910076 CET44349904172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.855063915 CET49911443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.855123997 CET4434991113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.855196953 CET49911443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.870338917 CET49911443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.870361090 CET4434991113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.874491930 CET49912443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.874536991 CET4434991213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.874604940 CET49912443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.874869108 CET49912443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.874883890 CET4434991213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.879977942 CET49902443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.879977942 CET49904443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.880008936 CET44349902162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.880024910 CET44349904172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.904194117 CET4434989420.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.904217958 CET4434989420.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.904228926 CET4434989420.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.904266119 CET4434989420.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.904278040 CET4434989420.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.904299021 CET49894443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.904337883 CET4434989420.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.904356003 CET49894443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.904356003 CET4434989420.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.904412031 CET49894443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.905057907 CET49894443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.905080080 CET4434989420.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.905096054 CET49894443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.905102968 CET4434989420.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.910777092 CET49903443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.910865068 CET44349903162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.910943985 CET49903443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.944149017 CET4434988913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.946599007 CET4434989013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.947244883 CET4434988913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.947592020 CET49889443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.947916985 CET49889443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.947937012 CET4434988913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.947948933 CET49889443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.947956085 CET4434988913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.949807882 CET4434989013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.949868917 CET49890443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.950181007 CET4434989113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.950247049 CET49890443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.950247049 CET49890443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.950278997 CET4434989013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.950295925 CET4434989013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.953181982 CET4434989113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.953233957 CET49891443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.953239918 CET4434989113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.953293085 CET49891443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.953649998 CET49913443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.953680038 CET4434991313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.953763008 CET49913443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.953809023 CET49891443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.953815937 CET4434989113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.953825951 CET49891443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.953830004 CET4434989113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.954273939 CET49914443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.954293966 CET4434991413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.954353094 CET49914443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.954778910 CET49913443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.954797983 CET4434991313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.954907894 CET49914443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.954920053 CET4434991413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.955785990 CET49915443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.955801964 CET4434991513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.955878019 CET49915443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.955993891 CET49915443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.956012011 CET4434991513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.975891113 CET49904443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.976003885 CET44349904172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.976125002 CET49904443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.052470922 CET49916443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.052536964 CET44349916172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.052603006 CET49916443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.052711010 CET49917443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.052747011 CET44349917172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.052804947 CET49917443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.052918911 CET49916443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.052936077 CET44349916172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.053042889 CET49917443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.053057909 CET44349917172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.083770037 CET49902443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.329871893 CET49918443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.329924107 CET4434991820.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.329999924 CET49918443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.330456972 CET49918443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.330476046 CET4434991820.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.334081888 CET49919443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.334125042 CET44349919162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.334192038 CET49919443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.334625006 CET49920443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.334666014 CET44349920162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.334743023 CET49920443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.334827900 CET49919443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.334849119 CET44349919162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.335145950 CET49920443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.335158110 CET44349920162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.628825903 CET49921443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.628865004 CET44349921162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.628930092 CET49921443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.629288912 CET49922443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.629332066 CET44349922162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.629376888 CET49922443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.629509926 CET49921443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.629527092 CET44349921162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.629651070 CET49922443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.629667044 CET44349922162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.630726099 CET49916443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.630827904 CET49917443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.631736040 CET49923443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.631767035 CET44349923172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.631932020 CET49923443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.632209063 CET49924443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.632220984 CET44349924172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.632270098 CET49924443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.632649899 CET49925443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.632671118 CET44349925172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.632708073 CET49919443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.632749081 CET49925443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.632911921 CET49920443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.632951021 CET49921443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.633045912 CET49922443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.633161068 CET49909443192.168.2.5172.217.19.225
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.633687019 CET49926443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.633697987 CET44349926162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.633750916 CET49926443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.633958101 CET49927443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.634011984 CET44349927162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.634068012 CET49927443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.634732962 CET49928443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.634763956 CET44349928172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.634792089 CET49902443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.634876966 CET44349902162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.634921074 CET49928443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.634947062 CET49902443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.635621071 CET49926443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.635637999 CET49927443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.635648012 CET44349926162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.635668039 CET44349927162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.635790110 CET49925443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.635807991 CET44349925172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.635891914 CET49924443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.635905027 CET44349924172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.636101961 CET49923443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.636115074 CET44349923172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.636188030 CET49928443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.636205912 CET44349928172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.671344042 CET44349917172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.675334930 CET44349919162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.675338030 CET44349922162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.675344944 CET44349921162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.675348043 CET44349909172.217.19.225192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.675348997 CET44349916172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.675360918 CET44349920162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.948853016 CET49929443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.948889017 CET44349929162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.949107885 CET49930443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.949137926 CET44349930162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.949143887 CET49929443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.949196100 CET49930443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.949357986 CET49931443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.949368000 CET44349931162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.949731112 CET49932443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.949755907 CET49931443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.949763060 CET44349932162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.950001955 CET49929443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.950016022 CET44349929162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.950026035 CET49932443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.950263023 CET49930443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.950283051 CET44349930162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.950556040 CET49931443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.950567007 CET44349931162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.950717926 CET49932443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.950731993 CET44349932162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.999447107 CET44349909172.217.19.225192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.999521017 CET49909443192.168.2.5172.217.19.225
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.065748930 CET44349910149.154.167.220192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.066523075 CET49910443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.066550016 CET44349910149.154.167.220192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.067620039 CET44349910149.154.167.220192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.067697048 CET49910443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.068840027 CET49910443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.068994999 CET44349910149.154.167.220192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.069061995 CET49910443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.072000027 CET49933443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.072022915 CET44349933149.154.167.220192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.072173119 CET49933443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.072534084 CET49933443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.072547913 CET44349933149.154.167.220192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.339690924 CET44349917172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.339812040 CET44349917172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.339860916 CET49917443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.339889050 CET49917443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.389260054 CET44349916172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.389345884 CET49916443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.515124083 CET49934443192.168.2.5142.251.35.161
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.515163898 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.515278101 CET49934443192.168.2.5142.251.35.161
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.516015053 CET49934443192.168.2.5142.251.35.161
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.516031981 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.516377926 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.516427994 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.516485929 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.516761065 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.516832113 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.516918898 CET49937443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.516953945 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.516958952 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.517059088 CET49938443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.517069101 CET4434993823.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.517081976 CET49937443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.517139912 CET49938443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.517271996 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.517287970 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.517390966 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.517406940 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.517479897 CET49938443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.517496109 CET4434993823.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.517692089 CET49937443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.517713070 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.587260008 CET49944443192.168.2.523.57.90.144
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.587285995 CET4434994423.57.90.144192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.587353945 CET49944443192.168.2.523.57.90.144
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.588382959 CET49945443192.168.2.523.57.90.144
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.588408947 CET4434994523.57.90.144192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.588762999 CET49944443192.168.2.523.57.90.144
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.588782072 CET4434994423.57.90.144192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.588794947 CET49945443192.168.2.523.57.90.144
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.589016914 CET49945443192.168.2.523.57.90.144
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.589036942 CET4434994523.57.90.144192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.589595079 CET49946443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.589638948 CET4434994623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.589828968 CET49946443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.590306044 CET49946443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.590327024 CET4434994623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.655821085 CET44349920162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.655961037 CET49920443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.656130075 CET44349919162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.656213999 CET49919443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.709309101 CET4434991413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.745927095 CET49914443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.745955944 CET4434991413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.746438980 CET49914443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.746445894 CET4434991413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.761820078 CET4434991113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.762366056 CET49911443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.762392044 CET4434991113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.762895107 CET49911443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.762900114 CET4434991113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.763521910 CET4434991213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.763905048 CET49912443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.763943911 CET4434991213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.765827894 CET49912443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.765846968 CET4434991213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.782413960 CET4434991513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.783236980 CET49915443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.783256054 CET4434991513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.784638882 CET49915443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.784647942 CET4434991513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.785480022 CET4434991313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.786623955 CET49913443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.786638975 CET4434991313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.787600994 CET49913443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.787606001 CET4434991313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.867839098 CET44349921162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.867923975 CET49921443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.868320942 CET44349922162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.868479013 CET44349922162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.868550062 CET49922443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.868550062 CET49922443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.872843981 CET44349928172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.873244047 CET49928443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.873281002 CET44349928172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.874737978 CET44349928172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.874856949 CET49928443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.875860929 CET49928443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.875956059 CET44349928172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.881805897 CET49947443192.168.2.520.110.205.119
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.881833076 CET4434994720.110.205.119192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.882014990 CET49947443192.168.2.520.110.205.119
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.882158995 CET49948443192.168.2.5204.79.197.237
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.882200003 CET44349948204.79.197.237192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.882364035 CET49948443192.168.2.5204.79.197.237
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.882483959 CET49947443192.168.2.520.110.205.119
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.882498026 CET4434994720.110.205.119192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.882697105 CET49948443192.168.2.5204.79.197.237
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.882713079 CET44349948204.79.197.237192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.908202887 CET44349925172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.911817074 CET44349926162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.913521051 CET44349927162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.933446884 CET49927443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.933502913 CET44349927162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.933661938 CET49926443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.933675051 CET44349926162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.933854103 CET49925443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.933870077 CET44349925172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.934801102 CET44349926162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.934812069 CET44349927162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.934966087 CET49926443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.935055971 CET49927443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.937650919 CET44349925172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.937755108 CET49925443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.938472033 CET49925443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.938678026 CET44349925172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.939449072 CET49927443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.939527988 CET44349927162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.939536095 CET49926443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.939712048 CET44349926162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.940927029 CET49950443192.168.2.518.238.49.52
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.940957069 CET4434995018.238.49.52192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.941158056 CET49950443192.168.2.518.238.49.52
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.941484928 CET49950443192.168.2.518.238.49.52
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.941494942 CET4434995018.238.49.52192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.942064047 CET49951443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.942099094 CET44349951104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.942361116 CET49951443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.942538977 CET49951443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.942562103 CET44349951104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.955403090 CET44349924172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.955660105 CET44349923172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.955797911 CET49924443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.955820084 CET44349924172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.956378937 CET49923443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.956387043 CET44349923172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.956820965 CET44349924172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.956876040 CET49924443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.957233906 CET49924443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.957300901 CET44349924172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.957807064 CET44349923172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.957885027 CET49923443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.958149910 CET49923443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.958228111 CET44349923172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.001570940 CET49928443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.001581907 CET49924443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.001585007 CET49926443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.001596928 CET44349926162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.001601934 CET44349924172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.001605034 CET44349928172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.001629114 CET49923443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.001636028 CET44349923172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.079145908 CET49925443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.079165936 CET44349925172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.079210997 CET49927443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.079231024 CET44349927162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.143099070 CET4434991413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.146615982 CET4434991413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.146668911 CET4434991413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.146759987 CET49914443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.162442923 CET44349931162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.164854050 CET44349932162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.169997931 CET4434991820.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.194241047 CET49924443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.194241047 CET49926443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.194241047 CET49923443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.194247961 CET49928443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.198474884 CET49914443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.198499918 CET4434991413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.198661089 CET49914443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.198669910 CET4434991413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.200294018 CET49932443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.200325966 CET44349932162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.200686932 CET49931443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.200716019 CET44349931162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.201996088 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.201998949 CET44349932162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.202044010 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.202070951 CET49932443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.202141047 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.202348948 CET44349931162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.202414989 CET49931443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.202892065 CET49932443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.202980042 CET44349932162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.203452110 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.203474998 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.203862906 CET49931443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.203977108 CET44349931162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.205431938 CET49918443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.205449104 CET4434991820.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.207426071 CET49918443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.207432985 CET4434991820.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.207547903 CET49918443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.207560062 CET4434991820.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.208324909 CET44349930162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.209355116 CET44349929162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.214411974 CET4434991113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.216010094 CET4434991213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.217571974 CET4434991113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.218215942 CET49911443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.219399929 CET4434991213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.223009109 CET49912443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.228203058 CET4434991513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.230215073 CET4434991313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.231281996 CET4434991513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.231374979 CET49915443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.233288050 CET4434991313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.235389948 CET49913443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.270488977 CET49931443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.270488977 CET49929443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.270493031 CET49925443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.270494938 CET49927443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.270509005 CET49932443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.270524979 CET44349931162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.270536900 CET44349932162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.295131922 CET49930443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.382771015 CET49913443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.382771015 CET49913443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.382803917 CET4434991313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.382816076 CET4434991313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.384619951 CET49929443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.384649992 CET44349929162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.384809017 CET49930443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.384829044 CET44349930162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.385915041 CET49953443192.168.2.523.57.90.154
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.385961056 CET4434995323.57.90.154192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.386365891 CET44349929162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.386384964 CET44349929162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.386428118 CET49911443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.386428118 CET49911443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.386461973 CET4434991113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.386471987 CET49953443192.168.2.523.57.90.154
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.386476040 CET4434991113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.386506081 CET49929443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.386662006 CET49953443192.168.2.523.57.90.154
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.386677027 CET4434995323.57.90.154192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.386943102 CET49929443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.387032986 CET44349929162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.387109041 CET44349930162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.387129068 CET44349930162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.387176991 CET49930443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.387597084 CET49930443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.387692928 CET44349930162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.388546944 CET49912443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.388571024 CET4434991213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.388582945 CET49912443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.388590097 CET4434991213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.398402929 CET49915443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.398402929 CET49915443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.398433924 CET4434991513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.398444891 CET4434991513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.401407003 CET49954443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.401438951 CET4434995413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.401875019 CET49954443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.402551889 CET49954443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.402568102 CET4434995413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.404413939 CET49955443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.404454947 CET4434995513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.404799938 CET49955443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.405196905 CET49955443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.405211926 CET4434995513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.407830000 CET49956443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.407864094 CET4434995613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.408067942 CET49956443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.476701021 CET49931443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.476701021 CET49929443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.476707935 CET49932443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.476727009 CET44349929162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.478888988 CET44349933149.154.167.220192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.480492115 CET49933443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.480508089 CET44349933149.154.167.220192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.481964111 CET44349933149.154.167.220192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.482067108 CET49933443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.484575033 CET49933443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.484803915 CET44349933149.154.167.220192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.484818935 CET49933443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.485130072 CET49933443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.529361963 CET49957443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.529421091 CET44349957149.154.167.220192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.529823065 CET49957443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.530525923 CET49957443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.530546904 CET44349957149.154.167.220192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.533487082 CET49958443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.533523083 CET4434995813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.533775091 CET49958443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.539817095 CET49959443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.539869070 CET4434995913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.539947987 CET49959443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.540474892 CET49956443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.540496111 CET4434995613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.541656971 CET49958443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.541673899 CET4434995813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.541722059 CET49959443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.541742086 CET4434995913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.582597971 CET49929443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.597794056 CET49930443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.597825050 CET44349930162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.707819939 CET49930443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.778389931 CET4434993823.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.778726101 CET49938443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.778759003 CET4434993823.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.779845953 CET4434993823.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.779907942 CET49938443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.781239986 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.781533957 CET49938443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.781610966 CET4434993823.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.781743050 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.781752110 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.781888962 CET49938443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.781899929 CET4434993823.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.783207893 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.783271074 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.784454107 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.784528017 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.784692049 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.784698963 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.818124056 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.818418026 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.818454027 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.819540977 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.819607019 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.819902897 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.819976091 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.820060968 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.825360060 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.825579882 CET49937443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.825618029 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.828653097 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.828728914 CET49937443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.829035997 CET49937443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.829121113 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.829180002 CET49937443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.847776890 CET4434994623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.848001957 CET49946443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.848032951 CET4434994623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.849064112 CET4434994623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.849143028 CET49946443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.849731922 CET49946443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.849797964 CET4434994623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.851933956 CET4434994523.57.90.144192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.852142096 CET49945443192.168.2.523.57.90.144
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.852159977 CET4434994523.57.90.144192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.852281094 CET4434994423.57.90.144192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.852492094 CET49944443192.168.2.523.57.90.144
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.852515936 CET4434994423.57.90.144192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.853621006 CET4434994523.57.90.144192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.853677988 CET49945443192.168.2.523.57.90.144
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.853977919 CET4434994423.57.90.144192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.854048967 CET49944443192.168.2.523.57.90.144
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.854803085 CET49945443192.168.2.523.57.90.144
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.854892969 CET4434994523.57.90.144192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.855279922 CET49944443192.168.2.523.57.90.144
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.855382919 CET4434994423.57.90.144192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.863342047 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.871342897 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.879998922 CET49938443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.879998922 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.895117998 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.895143032 CET49946443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.895155907 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.895174026 CET4434994623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.895445108 CET49937443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.895445108 CET49945443192.168.2.523.57.90.144
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.895500898 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.895534992 CET4434994523.57.90.144192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.978929043 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.979263067 CET49934443192.168.2.5142.251.35.161
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.979357958 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.979785919 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.979800940 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.979860067 CET49934443192.168.2.5142.251.35.161
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.979871035 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.979913950 CET49934443192.168.2.5142.251.35.161
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.980643988 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.981961966 CET49934443192.168.2.5142.251.35.161
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.982045889 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.982183933 CET49934443192.168.2.5142.251.35.161
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.982191086 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.004817963 CET4434991820.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.004848003 CET4434991820.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.004901886 CET4434991820.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.004918098 CET4434991820.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.004931927 CET49918443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.004960060 CET4434991820.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.004980087 CET49918443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.004983902 CET4434991820.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.005033970 CET49918443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.005729914 CET49918443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.005744934 CET4434991820.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.005757093 CET49918443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.005763054 CET4434991820.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.018243074 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.018261909 CET49937443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.018268108 CET49946443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.018498898 CET49945443192.168.2.523.57.90.144
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.067343950 CET4434994423.57.90.144192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.067414999 CET49944443192.168.2.523.57.90.144
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.125790119 CET49960443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.125832081 CET4434996020.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.125927925 CET49960443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.126187086 CET49960443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.126204967 CET4434996020.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.191335917 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.191397905 CET49934443192.168.2.5142.251.35.161
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.203886986 CET44349951104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.204118013 CET49951443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.204158068 CET44349951104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.205207109 CET44349951104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.205291033 CET49951443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.208828926 CET49951443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.208915949 CET44349951104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.357228041 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.357244968 CET4434993823.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.357255936 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.357268095 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.357281923 CET4434993823.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.357285976 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.357290983 CET4434993823.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.357292891 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.357296944 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.357316971 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.357345104 CET4434993823.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.357350111 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.357359886 CET4434993823.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.357362986 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.357372046 CET4434993823.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.357374907 CET49938443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.357387066 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.357408047 CET49938443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.357414007 CET4434993823.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.357428074 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.357428074 CET49938443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.357455969 CET49938443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.357512951 CET4434995018.238.49.52192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.358997107 CET49950443192.168.2.518.238.49.52
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.359008074 CET4434995018.238.49.52192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.360177994 CET4434995018.238.49.52192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.360238075 CET49950443192.168.2.518.238.49.52
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.362199068 CET49950443192.168.2.518.238.49.52
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.362273932 CET4434995018.238.49.52192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.393946886 CET49951443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.393975019 CET44349951104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.402560949 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.402601004 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.402611017 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.402651072 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.402653933 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.402666092 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.402678013 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.402699947 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.402719021 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.402719021 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.402719021 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.402750015 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.412914991 CET44349948204.79.197.237192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.413240910 CET49948443192.168.2.5204.79.197.237
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.413268089 CET44349948204.79.197.237192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.414448977 CET44349948204.79.197.237192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.414525986 CET49948443192.168.2.5204.79.197.237
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.416994095 CET44349948204.79.197.237192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.417054892 CET49948443192.168.2.5204.79.197.237
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.418080091 CET49948443192.168.2.5204.79.197.237
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.418167114 CET44349948204.79.197.237192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.421292067 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.425332069 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.425374985 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.425395966 CET49934443192.168.2.5142.251.35.161
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.425421953 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.425476074 CET49934443192.168.2.5142.251.35.161
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.433490992 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.441894054 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.441950083 CET49934443192.168.2.5142.251.35.161
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.441962957 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.447598934 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.447674036 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.447690010 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.450541019 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.450648069 CET49934443192.168.2.5142.251.35.161
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.450658083 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.467107058 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.467156887 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.467164040 CET49934443192.168.2.5142.251.35.161
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.467185974 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.467232943 CET49934443192.168.2.5142.251.35.161
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.470012903 CET49950443192.168.2.518.238.49.52
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.470021963 CET4434995018.238.49.52192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.475619078 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.483853102 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.483913898 CET49934443192.168.2.5142.251.35.161
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.483927965 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.484004974 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.484081030 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.484102964 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.484122038 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.484144926 CET49937443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.484160900 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.484175920 CET49937443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.484184027 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.484215021 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.484226942 CET49937443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.484251022 CET49937443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.484270096 CET49937443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.497033119 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.497051954 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.497101068 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.497116089 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.497159004 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.500735998 CET49951443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.500739098 CET49948443192.168.2.5204.79.197.237
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.500763893 CET44349948204.79.197.237192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.511322021 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.511337042 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.511574984 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.511574984 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.511606932 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.530358076 CET4434993823.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.530369043 CET4434993823.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.530437946 CET49938443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.530469894 CET4434993823.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.532655001 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.532680035 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.532740116 CET49937443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.532780886 CET49937443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.532794952 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.541766882 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.541825056 CET49934443192.168.2.5142.251.35.161
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.541834116 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.547669888 CET4434994720.110.205.119192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.550797939 CET49947443192.168.2.520.110.205.119
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.550807953 CET4434994720.110.205.119192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.551862955 CET4434994720.110.205.119192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.551928043 CET49947443192.168.2.520.110.205.119
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.553500891 CET49947443192.168.2.520.110.205.119
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.553849936 CET4434994720.110.205.119192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.558123112 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.558197975 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.558213949 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.561763048 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.561806917 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.561817884 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.561830997 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.561837912 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.561873913 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.561889887 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.568563938 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.568614960 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.568645954 CET49937443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.568650007 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.568671942 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.568674088 CET49937443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.568700075 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.568711996 CET49937443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.568731070 CET49937443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.574112892 CET49950443192.168.2.518.238.49.52
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.574145079 CET49938443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.577574015 CET4434993823.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.577586889 CET4434993823.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.577634096 CET4434993823.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.577647924 CET4434993823.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.577661037 CET49938443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.577672958 CET4434993823.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.577714920 CET49938443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.577724934 CET49938443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.599205017 CET4434995323.57.90.154192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.612756968 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.612813950 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.612854004 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.612895966 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.612911940 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.613259077 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.625979900 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.626060963 CET49934443192.168.2.5142.251.35.161
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.626070976 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.626082897 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.626136065 CET49934443192.168.2.5142.251.35.161
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.630510092 CET4434993823.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.630522966 CET4434993823.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.630595922 CET49938443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.630616903 CET4434993823.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.632924080 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.634530067 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.634540081 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.635843992 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.635921001 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.636636972 CET49953443192.168.2.523.57.90.154
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.636647940 CET4434995323.57.90.154192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.638259888 CET4434995323.57.90.154192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.638319969 CET49953443192.168.2.523.57.90.154
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.638364077 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.638494015 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.640060902 CET49953443192.168.2.523.57.90.154
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.640151024 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.640156031 CET4434995323.57.90.154192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.640203953 CET49934443192.168.2.5142.251.35.161
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.640214920 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.641432047 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.641489029 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.641494989 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.641519070 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.641613960 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.646964073 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.646981955 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.647002935 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.647012949 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.647038937 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.647049904 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.647080898 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.647228956 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.647275925 CET49934443192.168.2.5142.251.35.161
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.647286892 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.654381990 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.654428005 CET49934443192.168.2.5142.251.35.161
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.654434919 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.661467075 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.661531925 CET49934443192.168.2.5142.251.35.161
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.661539078 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.673178911 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.673249960 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.673254013 CET49934443192.168.2.5142.251.35.161
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.673260927 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.673316002 CET49934443192.168.2.5142.251.35.161
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.676949978 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.676975012 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.677047968 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.677067041 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.677088976 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.677109003 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.677144051 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.677159071 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.677159071 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.677159071 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.677172899 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.677201033 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.677966118 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.680243969 CET49938443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.680265903 CET49947443192.168.2.520.110.205.119
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.680282116 CET4434994720.110.205.119192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.680316925 CET49953443192.168.2.523.57.90.154
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.680324078 CET4434995323.57.90.154192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.682537079 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.682602882 CET49934443192.168.2.5142.251.35.161
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.682617903 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.687388897 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.687446117 CET49934443192.168.2.5142.251.35.161
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.687458038 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.692084074 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.692145109 CET49934443192.168.2.5142.251.35.161
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.692152977 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.694092989 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.694178104 CET49937443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.694206953 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.695512056 CET49948443192.168.2.5204.79.197.237
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.695512056 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.695524931 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.695533037 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.696784019 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.696830988 CET49934443192.168.2.5142.251.35.161
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.696836948 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.701410055 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.701462984 CET49934443192.168.2.5142.251.35.161
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.701469898 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.704406023 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.704449892 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.704468966 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.704474926 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.704488039 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.704503059 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.704514980 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.704530954 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.704556942 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.704659939 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.704713106 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.710704088 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.710745096 CET49934443192.168.2.5142.251.35.161
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.710752010 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.714627981 CET4434993823.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.714685917 CET49938443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.715497971 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.715544939 CET49934443192.168.2.5142.251.35.161
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.715552092 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.720087051 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.720133066 CET49934443192.168.2.5142.251.35.161
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.720139980 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.721366882 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.721385002 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.721406937 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.721426010 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.721437931 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.721473932 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.721489906 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.721501112 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.721502066 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.721502066 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.721591949 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.721600056 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.730385065 CET49961443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.730417967 CET4434996113.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.730524063 CET49961443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.732274055 CET49961443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.732285976 CET4434996113.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.745783091 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.745825052 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.745862961 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.745870113 CET49937443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.745881081 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.745903015 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.745906115 CET49937443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.745922089 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.745937109 CET49937443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.745958090 CET49937443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.745975971 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.745996952 CET49937443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.746464968 CET4434993823.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.746475935 CET4434993823.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.746505976 CET4434993823.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.746527910 CET49938443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.746551037 CET4434993823.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.746561050 CET4434993823.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.746571064 CET49938443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.746606112 CET49938443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.751715899 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.751758099 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.751773119 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.751781940 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.751785994 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.751797915 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.751835108 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.763411045 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.763425112 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.763480902 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.763500929 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.763536930 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.763542891 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.763562918 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.763602972 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.765744925 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.765767097 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.765806913 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.765830040 CET49937443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.765832901 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.765855074 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.765863895 CET49937443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.765876055 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.765888929 CET49937443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.765909910 CET49937443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.765928984 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.765944958 CET49937443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.773513079 CET4434993823.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.773535967 CET4434993823.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.773612022 CET49938443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.773623943 CET4434993823.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.773668051 CET49938443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.774533033 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.774574995 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.774584055 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.774600983 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.774605036 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.774620056 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.774645090 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.774667025 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.789041042 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.789063931 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.789104939 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.789124966 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.789132118 CET49937443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.789158106 CET49937443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.789165974 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.789181948 CET49937443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.791057110 CET49962443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.791090965 CET4434996213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.791158915 CET49962443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.791368008 CET49962443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.791388988 CET4434996213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.791704893 CET4434993823.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.791749001 CET4434993823.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.791793108 CET49938443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.791805983 CET4434993823.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.791867018 CET49938443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.791867018 CET49938443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.791876078 CET4434993823.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.791923046 CET49938443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.792368889 CET49938443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.792385101 CET4434993823.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.803643942 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.803644896 CET49934443192.168.2.5142.251.35.161
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.803652048 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.804415941 CET49963443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.804442883 CET4434996313.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.804651022 CET49963443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.804873943 CET49963443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.804886103 CET4434996313.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.823638916 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.823714018 CET49934443192.168.2.5142.251.35.161
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.823728085 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.825534105 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.825592041 CET49934443192.168.2.5142.251.35.161
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.825598001 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.831620932 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.831703901 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.831715107 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.832865953 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.832922935 CET49934443192.168.2.5142.251.35.161
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.832931995 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.836636066 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.836673975 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.836684942 CET49934443192.168.2.5142.251.35.161
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.836694956 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.836745977 CET49934443192.168.2.5142.251.35.161
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.839916945 CET49947443192.168.2.520.110.205.119
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.839972973 CET49953443192.168.2.523.57.90.154
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.840210915 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.843794107 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.843848944 CET49934443192.168.2.5142.251.35.161
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.843857050 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.847155094 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.847203016 CET49934443192.168.2.5142.251.35.161
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.847208977 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.848216057 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.848237991 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.848285913 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.848294973 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.848326921 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.850408077 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.850465059 CET49934443192.168.2.5142.251.35.161
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.850471020 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.854959965 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.855029106 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.855038881 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.857016087 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.857073069 CET49934443192.168.2.5142.251.35.161
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.857079029 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.860208035 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.860260010 CET49934443192.168.2.5142.251.35.161
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.860265017 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.863537073 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.863590002 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.863605022 CET49934443192.168.2.5142.251.35.161
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.863610029 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.863653898 CET49934443192.168.2.5142.251.35.161
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.866774082 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.870321035 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.870379925 CET49934443192.168.2.5142.251.35.161
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.870385885 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.870568037 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.870609045 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.870646000 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.870656967 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.870666027 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.873472929 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.873524904 CET49934443192.168.2.5142.251.35.161
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.873532057 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.876861095 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.876914024 CET49934443192.168.2.5142.251.35.161
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.876919985 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.877300024 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.877376080 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.877383947 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.880009890 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.880064011 CET49934443192.168.2.5142.251.35.161
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.880069971 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.886604071 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.886660099 CET49934443192.168.2.5142.251.35.161
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.886667013 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.889822960 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.889877081 CET49934443192.168.2.5142.251.35.161
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.889883041 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.892158031 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.892204046 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.892241001 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.892251968 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.892283916 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.893122911 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.893189907 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.893249989 CET49934443192.168.2.5142.251.35.161
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.893258095 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.893488884 CET49934443192.168.2.5142.251.35.161
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.896558046 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.898684025 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.898771048 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.898778915 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.899811029 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.899879932 CET49934443192.168.2.5142.251.35.161
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.899887085 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.903089046 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.903146029 CET49934443192.168.2.5142.251.35.161
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.903151989 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.906301022 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.906356096 CET49934443192.168.2.5142.251.35.161
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.906363010 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.909856081 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.909873009 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.909900904 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.909917116 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.909943104 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.910000086 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.910015106 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.910283089 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.910383940 CET49934443192.168.2.5142.251.35.161
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.910394907 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.910572052 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.910623074 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.910657883 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.910690069 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.910701990 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.916627884 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.916680098 CET49934443192.168.2.5142.251.35.161
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.916687012 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.917382956 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.917450905 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.917476892 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.919495106 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.919575930 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.919575930 CET49934443192.168.2.5142.251.35.161
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.919586897 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.919645071 CET49934443192.168.2.5142.251.35.161
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.919663906 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.919673920 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.919719934 CET49934443192.168.2.5142.251.35.161
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.919780016 CET49934443192.168.2.5142.251.35.161
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.919792891 CET44349934142.251.35.161192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.919804096 CET49934443192.168.2.5142.251.35.161
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.919879913 CET49934443192.168.2.5142.251.35.161
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.932399035 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.932416916 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.932455063 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.932477951 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.932495117 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.938899040 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.938965082 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.938978910 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.938999891 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.938993931 CET49937443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.939030886 CET49937443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.939044952 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.939057112 CET49937443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.939399958 CET44349957149.154.167.220192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.940407038 CET49957443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.940423012 CET44349957149.154.167.220192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.941498041 CET44349957149.154.167.220192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.941579103 CET49957443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.942605972 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.942694902 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.942707062 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.943572998 CET49957443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.943718910 CET44349957149.154.167.220192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.944968939 CET49957443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.945003986 CET49957443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.948426008 CET49964443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.948462009 CET44349964149.154.167.220192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.948622942 CET49964443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.949541092 CET49964443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.949559927 CET44349964149.154.167.220192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.954585075 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.954611063 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.954639912 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.954655886 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.954663992 CET49937443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.954678059 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.954695940 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.954701900 CET49937443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.954727888 CET49937443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.954739094 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.954751015 CET49937443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.958091974 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.958116055 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.958223104 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.958236933 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.961237907 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.961350918 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.961370945 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.965703011 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.965783119 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.965794086 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.972372055 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.972394943 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.972446918 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.972460985 CET49937443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.972467899 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.972507954 CET49937443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.972512007 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.972532034 CET49937443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.979127884 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.979144096 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.979168892 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.979206085 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.979217052 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.979247093 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.984055042 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.984127045 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.984143019 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.991058111 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.991132975 CET49937443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.991149902 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.991163015 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.991170883 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.991183996 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.991214991 CET49937443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.991246939 CET49937443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.991254091 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.991333008 CET49937443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.009702921 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.009713888 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.009742022 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.009802103 CET49937443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.009815931 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.009851933 CET49937443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.009851933 CET49937443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.027136087 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.027160883 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.027215958 CET49937443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.027226925 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.027256012 CET49937443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.027281046 CET49937443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.034985065 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.035259962 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.035306931 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.035336971 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.035348892 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.035356045 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.035383940 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.035393000 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.035428047 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.040199995 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.040209055 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.040258884 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.040266037 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.040292978 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.042306900 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.042316914 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.042350054 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.042361975 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.042395115 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.042407990 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.042437077 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.042457104 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.047996044 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.048038006 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.048058033 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.048069954 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.048073053 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.048089027 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.048116922 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.052989006 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.053056955 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.053064108 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.061990023 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.062010050 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.062032938 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.062053919 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.062061071 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.062098980 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.065829992 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.065926075 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.065932035 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.074347019 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.074398994 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.074421883 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.074429035 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.074476004 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.078139067 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.078226089 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.078232050 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.086827993 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.086868048 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.087002039 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.087002039 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.087013006 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.090195894 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.090327024 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.090336084 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.122356892 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.122366905 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.122431993 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.122448921 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.132929087 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.132946968 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.133016109 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.133033037 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.133066893 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.137809992 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.137878895 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.137890100 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.147964001 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.147980928 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.148042917 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.148056984 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.148098946 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.149194956 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.149228096 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.149290085 CET49937443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.149322033 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.149338007 CET49937443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.149358988 CET49937443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.152862072 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.152959108 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.152967930 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.162807941 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.162820101 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.162837982 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.162842989 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.162910938 CET49937443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.162924051 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.162960052 CET49937443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.162961006 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.162987947 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.162992001 CET49937443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.163002968 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.166791916 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.167117119 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.167129040 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.173831940 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.173851967 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.173892021 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.173903942 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.173923016 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.177432060 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.177464008 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.177525997 CET49937443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.177536964 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.177563906 CET49937443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.177584887 CET49937443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.178292036 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.178368092 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.178376913 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.189578056 CET4434995513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.189985991 CET4434995413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.190097094 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.190120935 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.190166950 CET49937443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.190181017 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.190212965 CET49937443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.190232038 CET49937443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.190715075 CET49955443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.190732956 CET4434995513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.191615105 CET49955443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.191620111 CET4434995513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.192550898 CET49954443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.192579985 CET4434995413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.194071054 CET49954443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.194087982 CET4434995413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.194298029 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.194473028 CET49937443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.202923059 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.203047037 CET49937443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.203058958 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.203071117 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.203134060 CET49937443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.203169107 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.203289032 CET49937443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.207501888 CET49937443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.207523108 CET4434993723.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.223881006 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.232095003 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.232121944 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.232227087 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.232261896 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.232284069 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.234756947 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.234766006 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.234797955 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.234836102 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.234842062 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.234879017 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.241101027 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.241110086 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.241127014 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.241136074 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.241172075 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.241185904 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.241215944 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.247272968 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.247350931 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.247356892 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.247378111 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.247421980 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.247430086 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.247432947 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.247467041 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.248492956 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.248507977 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.248596907 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.248630047 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.248651028 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.248676062 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.251071930 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.253515959 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.253544092 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.253591061 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.253598928 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.253627062 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.259324074 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.259352922 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.259397030 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.259407997 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.259517908 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.262923002 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.262972116 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.262995958 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.263000965 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.263030052 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.263072014 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.263207912 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.263216972 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.280415058 CET49965443192.168.2.5152.195.19.97
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.280472040 CET44349965152.195.19.97192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.280641079 CET49965443192.168.2.5152.195.19.97
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.281112909 CET49965443192.168.2.5152.195.19.97
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.281131029 CET44349965152.195.19.97192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.313457012 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.313496113 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.313505888 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.313555002 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.313565016 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.313572884 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.313631058 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.313631058 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.313631058 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.313642979 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.313667059 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.313760996 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.321471930 CET4434995613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.325181961 CET49956443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.325198889 CET4434995613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.325793982 CET49956443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.325799942 CET4434995613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.326689959 CET4434995913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.327193022 CET49959443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.327229023 CET4434995913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.327626944 CET49959443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.327637911 CET4434995913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.331245899 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.331337929 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.331357956 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.338330030 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.338351965 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.338402987 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.338414907 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.338439941 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.342044115 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.342288017 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.342298985 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.348598957 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.348619938 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.348670959 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.348683119 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.348715067 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.352757931 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.352818966 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.352827072 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.360271931 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.360291958 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.360461950 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.360475063 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.363244057 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.363563061 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.363641977 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.363652945 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.370140076 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.370166063 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.370228052 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.370239973 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.370256901 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.373049974 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.373128891 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.373137951 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.401035070 CET4434995813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.401709080 CET49958443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.401736975 CET4434995813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.402307987 CET49958443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.402313948 CET4434995813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.424671888 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.424690008 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.424921036 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.424932957 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.424943924 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.424993992 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.425000906 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.425012112 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.425061941 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.426337004 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.455318928 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.455385923 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.455406904 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.455424070 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.455456018 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.455466986 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.455507994 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.457257986 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.457317114 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.471333981 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.471349001 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.471373081 CET4434993623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.471394062 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.471409082 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.471472025 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.471482038 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.471487999 CET49936443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.471601963 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.473021984 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.543625116 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.543652058 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.543740034 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.543775082 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.543797970 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.543817043 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.550084114 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.550108910 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.550173044 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.550184965 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.550199032 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.550240993 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.556636095 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.556668043 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.556740046 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.556756973 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.556773901 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.563277960 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.563301086 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.563426018 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.563426018 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.563450098 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.569036007 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.569052935 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.569117069 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.569137096 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.575978994 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.576013088 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.576064110 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.576087952 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.576103926 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.581813097 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.581834078 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.581969023 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.581969023 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.581983089 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.598586082 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.598618984 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.598817110 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.598829985 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.598881006 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.626841068 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.626868963 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.626960993 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.626983881 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.627223969 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.633733034 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.638843060 CET4434995413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.642013073 CET4434995413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.642098904 CET49954443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.642216921 CET49954443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.642216921 CET49954443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.642237902 CET4434995413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.642252922 CET4434995413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.645983934 CET49966443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.646043062 CET4434996613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.646291018 CET49966443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.646481991 CET49966443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.646502018 CET4434996613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.648283005 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.648308992 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.648432016 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.648432016 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.648443937 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.648525953 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.668484926 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.668503046 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.668549061 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.668570995 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.668602943 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.668632984 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.668937922 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.715939045 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.715966940 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.716089964 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.716109037 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.716175079 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.716175079 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.743876934 CET4434995513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.746788025 CET4434995513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.746905088 CET49955443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.746937037 CET49955443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.746937037 CET49955443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.746962070 CET4434995513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.746973991 CET4434995513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.750036955 CET49967443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.750096083 CET4434996713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.750174046 CET49967443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.750319958 CET49967443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.750336885 CET4434996713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.754208088 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.754234076 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.754417896 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.754436016 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.755204916 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.760706902 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.760725975 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.760783911 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.760792017 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.760843992 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.760869026 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.766401052 CET4434995613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.767148972 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.767183065 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.767239094 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.767247915 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.767271996 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.767318010 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.769469023 CET4434995613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.769563913 CET49956443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.769618034 CET49956443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.769618034 CET49956443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.769633055 CET4434995613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.769642115 CET4434995613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.770220041 CET4434995913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.773226023 CET49968443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.773262978 CET4434996813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.773323059 CET4434995913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.773359060 CET49968443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.773376942 CET4434995913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.773392916 CET49959443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.773423910 CET49959443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.773580074 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.773612976 CET49959443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.773614883 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.773636103 CET4434995913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.773643970 CET49959443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.773652077 CET4434995913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.773662090 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.773669958 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.773703098 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.773730040 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.773735046 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.773830891 CET49968443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.773847103 CET4434996813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.777399063 CET49969443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.777446985 CET4434996913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.777545929 CET49969443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.777745962 CET49969443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.777764082 CET4434996913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.779351950 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.779387951 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.779443026 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.779452085 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.779571056 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.786107063 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.786129951 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.786194086 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.786211967 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.786277056 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.792181969 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.792218924 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.792274952 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.792287111 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.792315960 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.802000046 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.802036047 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.802090883 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.802107096 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.802144051 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.802299023 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.821875095 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.821906090 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.821985960 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.822000027 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.822191000 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.832676888 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.839008093 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.839041948 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.839142084 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.839153051 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.839185953 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.839325905 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.852936029 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.852972031 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.853035927 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.853044987 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.853123903 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.853123903 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.862715960 CET4434995813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.865318060 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.865339994 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.865444899 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.865456104 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.865839958 CET4434995813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.865967035 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.867005110 CET49958443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.870716095 CET49958443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.870745897 CET4434995813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.870776892 CET49958443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.870810032 CET4434995813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.877106905 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.877130032 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.877226114 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.877234936 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.877321005 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.879132986 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.879167080 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.879256010 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.879256010 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.879295111 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.879338980 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.880604982 CET49970443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.880650043 CET4434997013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.880742073 CET49970443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.885759115 CET49970443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.885823965 CET4434997013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.889653921 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.889679909 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.889776945 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.889786005 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.889959097 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.900537968 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.900563955 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.900624037 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.900631905 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.900681973 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.900681973 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.948234081 CET4434996020.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.951785088 CET49960443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.951814890 CET4434996020.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.952505112 CET49960443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.952505112 CET49960443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.952517986 CET4434996020.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.952538967 CET4434996020.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.965399981 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.965461016 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.965528965 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.965528965 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.965562105 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.965612888 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.965621948 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.971642017 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.971719027 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.971770048 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.971796989 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.971812010 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.978018999 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.978066921 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.978111029 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.978130102 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.978144884 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.983647108 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.983712912 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.983778954 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.983778954 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.983793974 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.990394115 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.990438938 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.990571976 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.990571976 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.990623951 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.995953083 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.996006966 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.996146917 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.996146917 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.996162891 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.002505064 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.002551079 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.002629995 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.002629995 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.002649069 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.004919052 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.004954100 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.005413055 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.005413055 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.005428076 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.005482912 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.014233112 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.014256001 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.014444113 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.014451027 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.014550924 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.021976948 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.021997929 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.022067070 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.022067070 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.022074938 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.022305965 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.030451059 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.030471087 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.030558109 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.030558109 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.030566931 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.031162024 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.038368940 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.038393974 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.038439989 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.038445950 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.038500071 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.038500071 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.044917107 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.044943094 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.044981003 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.044987917 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.045012951 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.045097113 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.052058935 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.052074909 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.072449923 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.072504997 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.072551012 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.072563887 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.072592974 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.072693110 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.089849949 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.089905024 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.089926958 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.089973927 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.089973927 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.089973927 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.089997053 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.136516094 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.136542082 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.175968885 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.176009893 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.176055908 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.176069021 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.176090002 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.176093102 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.176132917 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.176136017 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.176192045 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.182221889 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.182243109 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.182293892 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.182313919 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.182326078 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.182326078 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.182341099 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.182372093 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.182372093 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.187823057 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.187856913 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.187956095 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.187956095 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.187971115 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.194142103 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.194175005 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.194267988 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.194267988 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.194282055 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.200489998 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.200515985 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.200591087 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.200627089 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.200628996 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.200640917 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.200689077 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.200689077 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.200717926 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.200752974 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.206361055 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.206386089 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.206446886 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.206456900 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.206496954 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.206707954 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.206768036 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.206799984 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.206815958 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.206832886 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.208276987 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.208369970 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.208390951 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.208452940 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.211443901 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.211467981 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.211555958 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.211565018 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.211627007 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.213931084 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.213956118 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.214037895 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.214051962 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.214087963 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.214169025 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.217374086 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.217401028 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.217737913 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.217757940 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.217978954 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.223146915 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.223166943 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.223227024 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.223237038 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.223305941 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.223342896 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.228606939 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.228630066 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.228702068 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.228702068 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.228710890 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.229434013 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.229546070 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.229554892 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.229615927 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.233798981 CET49952443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.233822107 CET4434995213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.248332977 CET4434996213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.301935911 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.301978111 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.302062988 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.302088976 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.302103043 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.303278923 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.357047081 CET44349964149.154.167.220192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.375094891 CET49962443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.387693882 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.387728930 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.387881994 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.387907982 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.387964010 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.388175011 CET49964443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.388195992 CET44349964149.154.167.220192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.389739990 CET44349964149.154.167.220192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.389842033 CET49964443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.394032955 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.394056082 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.394155025 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.394182920 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.394207001 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.397030115 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.397037983 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.400119066 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.400145054 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.400201082 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.400213957 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.400429964 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.406543016 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.406565905 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.406649113 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.406662941 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.406682968 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.412445068 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.412472963 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.412527084 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.412538052 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.412556887 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.417924881 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.417946100 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.418035984 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.418052912 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.421561003 CET49964443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.421857119 CET44349964149.154.167.220192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.422060966 CET49964443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.424216986 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.424247026 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.424298048 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.424309015 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.424338102 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.449173927 CET49964443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.453149080 CET49971443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.453187943 CET44349971149.154.167.220192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.453290939 CET49971443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.472665071 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.507879019 CET49971443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.507900000 CET44349971149.154.167.220192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.508512020 CET49962443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.508554935 CET4434996213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.509305000 CET4434996213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.509988070 CET49962443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.510135889 CET4434996213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.510288000 CET49962443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.510308027 CET49962443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.510327101 CET4434996213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.511050940 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.512289047 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.512321949 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.512412071 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.512422085 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.512435913 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.512607098 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.513446093 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.527581930 CET4434996113.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.533163071 CET49961443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.533173084 CET4434996113.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.534672022 CET4434996113.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.534799099 CET49961443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.543240070 CET49961443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.543382883 CET49961443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.543390036 CET4434996113.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.583498001 CET49961443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.583518982 CET4434996113.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.592094898 CET4434996313.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.598622084 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.598624945 CET4434996020.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.598649025 CET4434996020.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.598649025 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.598722935 CET4434996020.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.598783016 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.598836899 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.598854065 CET49960443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.598854065 CET49960443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.598880053 CET4434996020.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.598932981 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.603049040 CET49963443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.603070974 CET4434996313.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.604192019 CET4434996313.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.604312897 CET49963443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.604549885 CET49960443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.604549885 CET49960443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.604592085 CET4434996020.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.604744911 CET4434996020.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.604796886 CET4434996020.190.147.11192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.604939938 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.604954958 CET49963443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.604974031 CET49960443192.168.2.520.190.147.11
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.604974985 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.605005026 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.605021954 CET4434996313.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.605036974 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.605089903 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.605851889 CET49963443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.605860949 CET4434996313.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.608545065 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.608627081 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.608642101 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.608675957 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.608722925 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.614917994 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.614936113 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.615005970 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.615042925 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.615128994 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.620444059 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.620461941 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.620548010 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.620579004 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.620623112 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.626405954 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.626427889 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.626518011 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.626553059 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.626605034 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.632246017 CET49961443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.632693052 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.632721901 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.632831097 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.632869959 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.632917881 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.652546883 CET49963443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.721064091 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.721096992 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.721159935 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.721194029 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.721209049 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.724018097 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.807414055 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.807466984 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.807529926 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.807564020 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.807578087 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.808608055 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.812927008 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.812952042 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.813009977 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.813019991 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.813059092 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.813081980 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.813870907 CET44349965152.195.19.97192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.814112902 CET49965443192.168.2.5152.195.19.97
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.814155102 CET44349965152.195.19.97192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.815809965 CET44349965152.195.19.97192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.816005945 CET49965443192.168.2.5152.195.19.97
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.819248915 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.819276094 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.819339037 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.819349051 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.819372892 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.819502115 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.823048115 CET49972443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.823103905 CET4434997213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.823183060 CET49972443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.823411942 CET49972443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.823431015 CET4434997213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.823580980 CET49965443192.168.2.5152.195.19.97
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.823750973 CET44349965152.195.19.97192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.823966980 CET49965443192.168.2.5152.195.19.97
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.823992968 CET44349965152.195.19.97192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.825508118 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.825531006 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.825602055 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.825609922 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.825653076 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.831047058 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.831069946 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.831144094 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.831156015 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.831199884 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.837759972 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.837785006 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.837867975 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.837902069 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.837948084 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.843364000 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.843391895 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.843437910 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.843449116 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.843476057 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.843497992 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.863579035 CET49965443192.168.2.5152.195.19.97
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.931787968 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.931821108 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.931885958 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.931919098 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.931935072 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:20.931971073 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.017985106 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.018013000 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.018095016 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.018136978 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.018196106 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.018733978 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.018796921 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.024306059 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.024334908 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.024410963 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.024435043 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.024494886 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.030605078 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.030623913 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.030704021 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.030714035 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.030759096 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.036992073 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.037014961 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.037106037 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.037120104 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.037182093 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.042467117 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.042486906 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.042584896 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.042610884 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.042661905 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.049187899 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.049211979 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.049279928 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.049293995 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.049345016 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.054785013 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.054802895 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.054876089 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.054897070 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.054955006 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.055188894 CET4434996213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.055437088 CET4434996213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.055491924 CET49962443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.056221962 CET49962443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.056236029 CET4434996213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.146605015 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.146632910 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.146719933 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.146754026 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.146797895 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.229094982 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.229120970 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.229171991 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.229202986 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.229219913 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.229248047 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.234309912 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.234329939 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.234380960 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.234392881 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.234426975 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.234451056 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.240345955 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.240369081 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.240483046 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.240500927 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.240562916 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.245743036 CET44349965152.195.19.97192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.246165991 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.246185064 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.246248007 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.246260881 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.246316910 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.246325016 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.252160072 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.252188921 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.252233982 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.252249956 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.252286911 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.257745028 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.257765055 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.257843018 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.257859945 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.262860060 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.262926102 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.262933016 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.262948990 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.262994051 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.270847082 CET44349965152.195.19.97192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.270860910 CET44349965152.195.19.97192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.270886898 CET44349965152.195.19.97192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.270931959 CET49965443192.168.2.5152.195.19.97
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.270946026 CET44349965152.195.19.97192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.270978928 CET49965443192.168.2.5152.195.19.97
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.271003962 CET44349965152.195.19.97192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.271054983 CET49965443192.168.2.5152.195.19.97
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.271279097 CET49965443192.168.2.5152.195.19.97
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.271287918 CET44349965152.195.19.97192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.355688095 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.355715036 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.355788946 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.355829954 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.355876923 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.434824944 CET4434996613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.435486078 CET49966443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.435548067 CET4434996613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.436127901 CET49966443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.436144114 CET4434996613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.439080954 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.439135075 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.439253092 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.439253092 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.439280033 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.439337969 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.445161104 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.445209980 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.445262909 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.445281029 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.445319891 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.445338964 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.445344925 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.449398994 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.449423075 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.449490070 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.449501991 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.449556112 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.451001883 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.451081038 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.451090097 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.451102972 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.451153040 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.451195955 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.451457977 CET49935443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.451477051 CET4434993523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.496293068 CET4434996813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.518079042 CET49968443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.518104076 CET4434996813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.521092892 CET49968443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.521102905 CET4434996813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.559581995 CET4434996313.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.559644938 CET4434996313.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.559689999 CET4434996313.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.559710026 CET4434996313.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.559751034 CET4434996313.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.559771061 CET4434996313.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.559827089 CET49963443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.559827089 CET49963443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.559827089 CET49963443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.559828997 CET49963443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.559847116 CET4434996313.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.559909105 CET49963443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.597701073 CET4434996713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.619613886 CET49967443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.619659901 CET4434996713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.620878935 CET49967443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.620892048 CET4434996713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.678154945 CET4434996913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.691631079 CET49969443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.691679001 CET4434996913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.693521023 CET49969443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.693531036 CET4434996913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.721790075 CET4434996113.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.721827030 CET4434996113.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.721838951 CET4434996113.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.721878052 CET4434996113.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.721889973 CET4434996113.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.721900940 CET4434996113.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.721926928 CET49961443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.721942902 CET4434996113.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.722002983 CET49961443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.722028017 CET49961443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.742257118 CET4434997013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.743840933 CET49970443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.743891001 CET4434997013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.744337082 CET49970443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.744343996 CET4434997013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.744525909 CET4434996313.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.744563103 CET4434996313.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.744772911 CET49963443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.744772911 CET49963443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.744786978 CET4434996313.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.744843960 CET49963443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.787117004 CET4434996313.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.787188053 CET4434996313.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.787226915 CET49963443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.787334919 CET49963443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.787344933 CET4434996313.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.787403107 CET49963443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.888029099 CET4434996613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.890618086 CET4434996613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.890758038 CET49966443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.898564100 CET49966443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.898591042 CET4434996613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.898602962 CET49966443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.898610115 CET4434996613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.906666040 CET4434996113.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.906682968 CET4434996113.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.906729937 CET4434996113.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.906785011 CET49961443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.906801939 CET4434996113.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.906832933 CET49961443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.906920910 CET49961443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.913110018 CET49973443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.913151979 CET4434997313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.913259029 CET49973443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.913770914 CET49973443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.913789034 CET4434997313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.924247026 CET4434996313.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.924273014 CET4434996313.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.924376011 CET49963443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.924386024 CET4434996313.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.924455881 CET49963443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.934998035 CET4434996313.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.935071945 CET49963443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.935081005 CET4434996313.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.935172081 CET4434996313.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.935278893 CET49963443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.941920042 CET49963443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.941937923 CET4434996313.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.946270943 CET4434996813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.946345091 CET4434996813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.946409941 CET49968443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.951245070 CET4434996113.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.951267958 CET4434996113.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.951349974 CET49961443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.951360941 CET4434996113.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.951474905 CET49961443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.973130941 CET49974443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.973181009 CET4434997423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.973366022 CET49974443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.973647118 CET49974443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.973670959 CET4434997423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.979840040 CET49968443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.979880095 CET4434996813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.979892015 CET49968443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.979899883 CET4434996813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.989926100 CET44349971149.154.167.220192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.992145061 CET49971443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.992165089 CET44349971149.154.167.220192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.992975950 CET49975443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.993026018 CET4434997523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.993102074 CET49975443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.993664980 CET44349971149.154.167.220192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.993758917 CET49971443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.993833065 CET49975443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.993850946 CET4434997523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.994291067 CET49946443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.995884895 CET49971443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.996083021 CET49971443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.996088028 CET44349971149.154.167.220192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.996222019 CET49971443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.999717951 CET49976443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.999768019 CET44349976149.154.167.220192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.999845982 CET49976443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.000185966 CET49976443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.000205040 CET44349976149.154.167.220192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.035339117 CET4434994623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.042342901 CET49977443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.042387009 CET4434997713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.043206930 CET49977443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.052134037 CET4434996713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.054280043 CET4434996713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.054342031 CET4434996713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.054399967 CET49967443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.054486036 CET49967443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.056515932 CET49977443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.056545019 CET4434997713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.057723045 CET49967443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.057723045 CET49967443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.057786942 CET4434996713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.057805061 CET4434996713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.061254978 CET49978443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.061290979 CET4434997813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.061369896 CET49978443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.061491013 CET49978443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.061506987 CET4434997813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.082134962 CET4434996113.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.082194090 CET4434996113.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.082467079 CET49961443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.082467079 CET49961443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.082482100 CET4434996113.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.082554102 CET49961443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.117640018 CET4434996113.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.117660046 CET4434996113.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.117801905 CET49961443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.117815971 CET4434996113.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.117933035 CET49961443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.130904913 CET4434996913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.134090900 CET4434996913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.134176970 CET4434996913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.134175062 CET49969443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.134227991 CET49969443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.134253979 CET49969443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.134275913 CET4434996913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.134293079 CET49969443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.134299994 CET4434996913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.137327909 CET49979443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.137358904 CET4434997913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.137557030 CET49979443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.137697935 CET49979443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.137712002 CET4434997913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.141268015 CET4434996113.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.141285896 CET4434996113.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.141479969 CET49961443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.141489029 CET4434996113.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.141758919 CET49961443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.158572912 CET4434996113.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.158590078 CET4434996113.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.158720016 CET49961443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.158730030 CET4434996113.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.158823967 CET49961443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.193259001 CET4434997013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.196988106 CET4434997013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.197177887 CET49970443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.197593927 CET49970443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.197627068 CET4434997013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.197643995 CET49970443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.197654963 CET4434997013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.220370054 CET49981443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.220397949 CET4434998113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.220592022 CET49981443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.222448111 CET49981443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.222461939 CET4434998113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.284270048 CET4434996113.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.284298897 CET4434996113.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.284425974 CET49961443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.284440041 CET4434996113.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.284466028 CET49961443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.284533978 CET49961443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.289375067 CET4434997213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.289649010 CET49972443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.289688110 CET4434997213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.290247917 CET4434997213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.290613890 CET49972443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.290714979 CET4434997213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.290812016 CET49972443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.290848017 CET49972443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.290859938 CET4434997213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.301574945 CET4434996113.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.301604986 CET4434996113.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.301681042 CET49961443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.301690102 CET4434996113.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.301733971 CET49961443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.301754951 CET49961443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.316474915 CET4434996113.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.316513062 CET4434996113.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.316625118 CET49961443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.316637993 CET4434996113.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.316651106 CET49961443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.316943884 CET49961443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.329932928 CET4434994623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.330032110 CET4434994623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.330687046 CET49946443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.332077026 CET49946443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.332103014 CET4434994623.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.333568096 CET4434996113.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.333591938 CET4434996113.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.333646059 CET49961443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.333653927 CET4434996113.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.333700895 CET49961443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.333700895 CET49961443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.349055052 CET4434996113.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.349075079 CET4434996113.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.349172115 CET49961443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.349183083 CET4434996113.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.349253893 CET49961443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.365878105 CET4434996113.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.365905046 CET4434996113.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.366086006 CET49961443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.366100073 CET4434996113.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.366277933 CET49961443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.382752895 CET4434996113.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.382771969 CET4434996113.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.382834911 CET49961443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.382844925 CET4434996113.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.382903099 CET49961443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.382903099 CET49961443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.481977940 CET4434996113.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.482013941 CET4434996113.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.482076883 CET49961443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.482105970 CET4434996113.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.482163906 CET49961443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.482163906 CET49961443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.494858980 CET4434996113.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.494883060 CET4434996113.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.495029926 CET49961443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.495029926 CET49961443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.495040894 CET4434996113.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.495153904 CET49961443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.505712986 CET4434996113.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.505737066 CET4434996113.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.505836010 CET49961443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.505846024 CET4434996113.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.505934954 CET49961443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.516938925 CET4434996113.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.516973972 CET4434996113.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.517153978 CET49961443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.517164946 CET4434996113.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.517234087 CET49961443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.527475119 CET4434996113.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.527522087 CET4434996113.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.527581930 CET4434996113.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.527631044 CET49961443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.527684927 CET49961443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.528238058 CET49961443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.528250933 CET4434996113.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.955960035 CET4434997213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.956001997 CET4434997213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.956029892 CET4434997213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.956069946 CET49972443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.956079006 CET4434997213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.956127882 CET49972443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.007509947 CET49984443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.007563114 CET4434998413.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.007627010 CET49984443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.007947922 CET49984443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.007968903 CET4434998413.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.084069967 CET49972443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.123604059 CET4434997213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.123622894 CET4434997213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.123645067 CET4434997213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.123653889 CET4434997213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.123687029 CET4434997213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.123694897 CET49972443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.123704910 CET4434997213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.123735905 CET49972443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.123748064 CET49972443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.164293051 CET4434997213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.164329052 CET4434997213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.164374113 CET4434997213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.164422989 CET4434997213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.164423943 CET49972443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.164453030 CET4434997213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.164472103 CET49972443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.164505005 CET49972443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.233088017 CET4434997423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.292506933 CET49974443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.292537928 CET4434997423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.293292999 CET4434997423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.294891119 CET49974443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.294991016 CET4434997423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.303528070 CET4434997523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.305877924 CET4434997213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.305905104 CET4434997213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.306018114 CET49972443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.306049109 CET4434997213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.307013035 CET49972443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.333619118 CET4434997213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.333647013 CET4434997213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.333741903 CET49972443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.333779097 CET4434997213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.334175110 CET49972443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.347812891 CET49975443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.355812073 CET4434997213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.355832100 CET4434997213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.355911016 CET49972443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.355931997 CET4434997213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.356506109 CET49972443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.432228088 CET4434997213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.432260036 CET4434997213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.432346106 CET49972443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.432369947 CET4434997213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.432395935 CET49972443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.432420015 CET49972443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.465825081 CET44349976149.154.167.220192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.471195936 CET49974443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.492647886 CET49976443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.492691994 CET44349976149.154.167.220192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.493988037 CET44349976149.154.167.220192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.494071007 CET49976443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.506457090 CET49976443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.506659985 CET44349976149.154.167.220192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.506747961 CET49976443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.506892920 CET49976443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.510570049 CET49985443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.510608912 CET44349985149.154.167.220192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.510776043 CET49985443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.511336088 CET49985443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.511351109 CET44349985149.154.167.220192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.526245117 CET4434997213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.526288986 CET4434997213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.526323080 CET49972443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.526335955 CET4434997213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.526350021 CET4434997213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.526361942 CET49972443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.526377916 CET49972443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.526407003 CET49972443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.639735937 CET49975443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.639770031 CET4434997523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.639821053 CET49972443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.640316963 CET4434997523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.644979954 CET49986443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.645009995 CET4434998613.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.645075083 CET49986443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.646126032 CET49987443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.646159887 CET4434998713.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.646238089 CET49987443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.646635056 CET49988443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.646667004 CET4434998813.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.646701097 CET49972443192.168.2.513.91.96.185
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.646709919 CET4434997213.91.96.185192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.646728992 CET49988443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.647896051 CET49989443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.647944927 CET4434998913.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.648014069 CET49989443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.648646116 CET49990443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.648657084 CET4434999013.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.648766994 CET49990443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.649422884 CET49975443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.649597883 CET4434997523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.655563116 CET49986443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.655579090 CET4434998613.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.655896902 CET49987443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.655911922 CET4434998713.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.656058073 CET49988443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.656080008 CET4434998813.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.656471014 CET49989443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.656492949 CET4434998913.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.656766891 CET49990443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.656785965 CET4434999013.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.692153931 CET49975443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.697024107 CET4434997313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.734515905 CET49973443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.734534025 CET4434997313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.735702038 CET49973443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.735707998 CET4434997313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.786813021 CET4434997713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.824301958 CET49977443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.824327946 CET4434997713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.824991941 CET49977443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.824999094 CET4434997713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.860311985 CET4434997813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.882725954 CET4434997913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.891638041 CET49978443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.891653061 CET4434997813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.906519890 CET49978443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.906529903 CET4434997813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.912122011 CET49979443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.912142992 CET4434997913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.912868023 CET49979443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.912880898 CET4434997913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.024631977 CET4434998113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.025176048 CET49981443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.025187969 CET4434998113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.025850058 CET49981443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.025856972 CET4434998113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.146837950 CET4434997313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.150404930 CET4434997313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.150475979 CET49973443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.150507927 CET4434997313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.150563955 CET4434997313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.150625944 CET49973443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.151001930 CET49973443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.151001930 CET49973443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.151017904 CET4434997313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.151035070 CET4434997313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.155067921 CET49991443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.155128956 CET4434999113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.155195951 CET49991443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.155380964 CET49991443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.155400038 CET4434999113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.227685928 CET4434997713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.231069088 CET4434997713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.231208086 CET49977443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.231208086 CET49977443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.231246948 CET49977443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.231290102 CET4434997713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.234961987 CET49992443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.235002041 CET4434999213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.235071898 CET49992443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.235218048 CET49992443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.235235929 CET4434999213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.308450937 CET4434997813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.311482906 CET4434997813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.311562061 CET49978443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.311579943 CET4434997813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.311629057 CET4434997813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.311697960 CET49978443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.311755896 CET49978443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.311773062 CET4434997813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.311783075 CET49978443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.311789989 CET4434997813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.315356016 CET49993443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.315408945 CET4434999313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.315480947 CET49993443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.315665007 CET49993443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.315682888 CET4434999313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.320574999 CET4434997913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.323677063 CET4434997913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.323777914 CET49979443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.323987961 CET49979443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.323987961 CET49979443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.324018002 CET4434997913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.324029922 CET4434997913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.326836109 CET49994443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.326874018 CET4434999413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.326944113 CET49994443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.327106953 CET49994443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.327121019 CET4434999413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.467600107 CET4434998113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.470833063 CET4434998113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.470895052 CET4434998113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.470902920 CET49981443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.471026897 CET49981443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.471124887 CET49981443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.471124887 CET49981443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.471143961 CET4434998113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.471155882 CET4434998113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.492335081 CET49995443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.492420912 CET4434999513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.492500067 CET49995443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.498946905 CET49995443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.498980045 CET4434999513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.673422098 CET49947443192.168.2.520.110.205.119
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.715339899 CET4434994720.110.205.119192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.754142046 CET49950443192.168.2.518.238.49.52
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.799359083 CET4434995018.238.49.52192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.825474024 CET4434998413.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.825835943 CET49984443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.825872898 CET4434998413.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.826435089 CET4434998413.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.826929092 CET49984443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.827065945 CET4434998413.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.827141047 CET49984443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.871342897 CET4434998413.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.985462904 CET44349985149.154.167.220192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.986130953 CET49985443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.986160994 CET44349985149.154.167.220192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.987463951 CET49996443192.168.2.520.42.73.26
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.987504005 CET4434999620.42.73.26192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.987799883 CET44349985149.154.167.220192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.987818003 CET49996443192.168.2.520.42.73.26
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.987879992 CET49985443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.988143921 CET49996443192.168.2.520.42.73.26
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.988167048 CET4434999620.42.73.26192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.989711046 CET49985443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.989892960 CET49985443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.993031979 CET49997443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.993058920 CET44349997149.154.167.220192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.995032072 CET49997443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.995507956 CET49997443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.995522022 CET44349997149.154.167.220192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.082669020 CET4434995018.238.49.52192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.083116055 CET4434995018.238.49.52192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.083216906 CET49950443192.168.2.518.238.49.52
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.102087021 CET49998443192.168.2.520.96.153.111
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.102121115 CET4434999820.96.153.111192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.102292061 CET49998443192.168.2.520.96.153.111
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.103003979 CET49998443192.168.2.520.96.153.111
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.103015900 CET4434999820.96.153.111192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.140331984 CET4434994720.110.205.119192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.140430927 CET4434994720.110.205.119192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.144907951 CET49947443192.168.2.520.110.205.119
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.183628082 CET49950443192.168.2.518.238.49.52
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.183640003 CET4434995018.238.49.52192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.228190899 CET49999443192.168.2.518.238.49.52
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.228218079 CET4434999918.238.49.52192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.228415966 CET49999443192.168.2.518.238.49.52
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.228722095 CET49999443192.168.2.518.238.49.52
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.228740931 CET4434999918.238.49.52192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.240242958 CET49947443192.168.2.520.110.205.119
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.240257978 CET4434994720.110.205.119192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.240839005 CET49948443192.168.2.5204.79.197.237
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.250617027 CET49951443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.283356905 CET44349948204.79.197.237192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.295344114 CET44349951104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.376584053 CET4434998713.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.376847982 CET49987443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.376877069 CET4434998713.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.378046989 CET4434998713.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.378123045 CET49987443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.378530979 CET49987443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.378591061 CET4434998713.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.378722906 CET49987443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.423336029 CET4434998713.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.428261042 CET49987443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.428277969 CET4434998713.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.443902969 CET4434998613.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.444158077 CET49986443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.444190979 CET4434998613.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.444742918 CET4434998613.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.445256948 CET4434999013.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.445586920 CET49986443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.445714951 CET4434998613.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.445787907 CET49986443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.446002960 CET49990443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.446029902 CET4434999013.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.446269035 CET4434998813.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.446595907 CET49988443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.446609020 CET4434998813.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.447139025 CET4434999013.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.447207928 CET49990443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.447608948 CET49990443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.447690964 CET4434999013.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.447750092 CET49990443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.449821949 CET4434998813.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.449920893 CET49988443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.450488091 CET49988443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.450583935 CET4434998813.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.450597048 CET49988443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.472703934 CET49987443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.488338947 CET49990443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.488373041 CET4434999013.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.491332054 CET4434998613.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.491348028 CET4434998813.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.503918886 CET49988443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.503937960 CET4434998813.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.510308027 CET4434998913.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.510535955 CET49989443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.510556936 CET4434998913.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.512039900 CET4434998913.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.512109041 CET49989443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.512603998 CET49989443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.512690067 CET4434998913.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.512804985 CET49989443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.534257889 CET49990443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.549846888 CET49988443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.559330940 CET4434998913.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.580847979 CET49986443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.581903934 CET49989443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.581931114 CET4434998913.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.591113091 CET4434998413.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.591141939 CET4434998413.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.591239929 CET49984443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.591243982 CET4434998413.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.591371059 CET49984443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.592211008 CET49984443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.592225075 CET4434998413.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.592653036 CET50000443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.592690945 CET4435000013.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.593276978 CET50000443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.593585968 CET50000443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.593596935 CET4435000013.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.698371887 CET44349948204.79.197.237192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.700963020 CET44349948204.79.197.237192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.701060057 CET49948443192.168.2.5204.79.197.237
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.702195883 CET49948443192.168.2.5204.79.197.237
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.702214956 CET44349948204.79.197.237192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.703010082 CET50001443192.168.2.520.110.205.119
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.703041077 CET4435000120.110.205.119192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.703274965 CET50001443192.168.2.520.110.205.119
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.703453064 CET50001443192.168.2.520.110.205.119
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.703466892 CET4435000120.110.205.119192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.706216097 CET44349951104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.706260920 CET44349951104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.706273079 CET44349951104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.706291914 CET44349951104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.706301928 CET44349951104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.706311941 CET44349951104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.706334114 CET49951443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.706367970 CET44349951104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.706391096 CET49951443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.706430912 CET49951443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.771900892 CET49989443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.813704967 CET4434998713.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.813725948 CET4434998713.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.815048933 CET49987443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.815071106 CET4434998713.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.816828966 CET49987443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.816889048 CET4434998713.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.816982031 CET49987443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.823043108 CET44349951104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.823060989 CET44349951104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.823087931 CET44349951104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.823160887 CET44349951104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.823168039 CET44349951104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.823179960 CET44349951104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.823205948 CET49951443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.823266029 CET49951443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.830410957 CET44349951104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.830482960 CET49951443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.873310089 CET44349951104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.873326063 CET44349951104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.873356104 CET44349951104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.873366117 CET44349951104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.873383045 CET49951443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.873451948 CET49951443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.873466969 CET44349951104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.873897076 CET49951443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.957802057 CET4434999213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.959223986 CET49992443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.959270954 CET4434999213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.961291075 CET49992443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.961309910 CET4434999213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.002720118 CET4434999113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.003767967 CET49991443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.003794909 CET4434999113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.004403114 CET49991443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.004415989 CET4434999113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.006855965 CET44349951104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.006875038 CET44349951104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.006902933 CET44349951104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.006961107 CET49951443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.006990910 CET44349951104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.007029057 CET49951443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.007040024 CET49951443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.023008108 CET44349951104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.023109913 CET49951443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.044270039 CET4434999413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.046082020 CET49994443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.046124935 CET4434999413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.046627998 CET49994443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.046639919 CET4434999413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.047441006 CET44349951104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.047502995 CET44349951104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.047542095 CET49951443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.047554016 CET44349951104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.047602892 CET49951443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.075695038 CET44349951104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.075745106 CET44349951104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.075793028 CET49951443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.075804949 CET44349951104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.075834990 CET49951443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.075861931 CET49951443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.096905947 CET4434999313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.101231098 CET49993443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.101269960 CET4434999313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.102121115 CET49993443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.102138996 CET4434999313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.189764023 CET44349951104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.189879894 CET49951443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.193641901 CET4434998813.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.193671942 CET4434998813.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.193746090 CET49988443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.193768024 CET4434998813.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.194685936 CET4434998813.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.194945097 CET49988443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.195321083 CET4434998613.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.198540926 CET4434998613.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.198607922 CET4434998613.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.198649883 CET49986443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.198649883 CET49986443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.206481934 CET49988443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.206501961 CET4434998813.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.207113028 CET44349951104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.207168102 CET44349951104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.207201004 CET49951443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.207220078 CET44349951104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.207247019 CET49951443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.207263947 CET49951443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.207501888 CET49986443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.207519054 CET4434998613.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.208933115 CET4434999013.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.208964109 CET4434999013.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.209026098 CET49990443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.209037066 CET4434999013.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.209222078 CET4434999013.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.209275961 CET49990443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.227562904 CET44349951104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.227615118 CET44349951104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.227653980 CET49951443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.227677107 CET44349951104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.227693081 CET49951443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.227725029 CET49951443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.228059053 CET49990443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.228077888 CET4434999013.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.236299038 CET44349951104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.236393929 CET49951443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.236413956 CET44349951104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.236495972 CET44349951104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.236547947 CET49951443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.265460968 CET4434999513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.309185028 CET4434998913.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.312026024 CET4434998913.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.312109947 CET49989443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.380266905 CET49995443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.392936945 CET4434999213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.396246910 CET4434999213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.399846077 CET49992443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.453787088 CET44349997149.154.167.220192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.458477974 CET4434999113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.461580992 CET4434999113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.463722944 CET49991443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.465261936 CET49997443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.465279102 CET44349997149.154.167.220192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.466504097 CET44349997149.154.167.220192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.466592073 CET49997443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.480181932 CET4434999413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.483839035 CET4434999413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.483901024 CET4434999413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.483980894 CET49994443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.532263041 CET49997443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.532550097 CET44349997149.154.167.220192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.532624006 CET49997443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.532835007 CET49997443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.544024944 CET4434999313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.544354916 CET50002443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.544420958 CET44350002149.154.167.220192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.545041084 CET50002443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.545607090 CET4434999620.42.73.26192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.546927929 CET4434999313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.548994064 CET49993443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.592068911 CET49996443192.168.2.520.42.73.26
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.638976097 CET50002443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.639017105 CET44350002149.154.167.220192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.648961067 CET4434999918.238.49.52192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.690782070 CET49999443192.168.2.518.238.49.52
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.700648069 CET49996443192.168.2.520.42.73.26
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.700671911 CET4434999620.42.73.26192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.700901031 CET49999443192.168.2.518.238.49.52
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.700916052 CET4434999918.238.49.52192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.701400995 CET4434999918.238.49.52192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.702084064 CET4434999620.42.73.26192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.702167034 CET49996443192.168.2.520.42.73.26
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.703670979 CET49995443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.703701019 CET4434999513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.704547882 CET49995443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.704555988 CET4434999513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.704793930 CET49993443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.704811096 CET4434999313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.704822063 CET49993443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.704828024 CET4434999313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.708530903 CET49992443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.708554029 CET4434999213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.746469021 CET49999443192.168.2.518.238.49.52
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.749938965 CET4434999820.96.153.111192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.750957966 CET50003443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.750994921 CET4435000313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.751152992 CET50003443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.751612902 CET49991443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.751636028 CET4434999113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.751650095 CET49991443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.751658916 CET4434999113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.756217003 CET50004443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.756233931 CET4435000413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.756623030 CET50004443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.759371042 CET50004443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.759385109 CET4435000413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.759605885 CET49994443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.759630919 CET4434999413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.759643078 CET49994443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.759649992 CET4434999413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.790054083 CET49999443192.168.2.518.238.49.52
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.790241003 CET4434999918.238.49.52192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.802347898 CET49998443192.168.2.520.96.153.111
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.812808037 CET49996443192.168.2.520.42.73.26
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.813011885 CET49998443192.168.2.520.96.153.111
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.813015938 CET4434999620.42.73.26192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.813019991 CET4434999820.96.153.111192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.813899994 CET49951443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.813941956 CET44349951104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.816924095 CET4434999820.96.153.111192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.816972017 CET4434999820.96.153.111192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.817038059 CET49998443192.168.2.520.96.153.111
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.834688902 CET49999443192.168.2.518.238.49.52
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.865468979 CET49996443192.168.2.520.42.73.26
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.865514994 CET4434999620.42.73.26192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.865560055 CET49998443192.168.2.520.96.153.111
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.910088062 CET49996443192.168.2.520.42.73.26
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.932535887 CET49999443192.168.2.518.238.49.52
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.933862925 CET49996443192.168.2.520.42.73.26
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.933897018 CET49996443192.168.2.520.42.73.26
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.933934927 CET4434999620.42.73.26192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.964782953 CET50003443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.964812994 CET4435000313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.976716042 CET50005443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.976737022 CET4435000513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.976928949 CET50005443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.978936911 CET49998443192.168.2.520.96.153.111
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.979111910 CET4434999820.96.153.111192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.979343891 CET4434999918.238.49.52192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.979434013 CET50006443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.979479074 CET4435000613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.979561090 CET50006443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.979815006 CET50006443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.979829073 CET4435000613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.979953051 CET49998443192.168.2.520.96.153.111
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.979965925 CET4434999820.96.153.111192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.980062962 CET50005443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.980073929 CET4435000513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.990756035 CET49989443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.990770102 CET4434998913.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.028565884 CET49998443192.168.2.520.96.153.111
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.030195951 CET4434999513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.034387112 CET4434999513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.034612894 CET49995443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.035023928 CET49995443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.035039902 CET4434999513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.038817883 CET50007443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.038850069 CET4435000713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.038960934 CET50007443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.039444923 CET50007443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.039458036 CET4435000713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.285520077 CET50008443192.168.2.523.57.90.148
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.285541058 CET4435000823.57.90.148192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.285784960 CET50008443192.168.2.523.57.90.148
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.285975933 CET50009443192.168.2.523.57.90.148
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.286029100 CET4435000923.57.90.148192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.286078930 CET50009443192.168.2.523.57.90.148
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.286379099 CET50008443192.168.2.523.57.90.148
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.286396980 CET4435000823.57.90.148192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.286597967 CET50009443192.168.2.523.57.90.148
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.286612988 CET4435000923.57.90.148192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.290508986 CET50010443192.168.2.5204.79.197.219
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.290539980 CET44350010204.79.197.219192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.290807009 CET50010443192.168.2.5204.79.197.219
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.290844917 CET50011443192.168.2.5204.79.197.219
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.290883064 CET44350011204.79.197.219192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.290972948 CET50010443192.168.2.5204.79.197.219
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.290987968 CET44350010204.79.197.219192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.290994883 CET50011443192.168.2.5204.79.197.219
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.291161060 CET50011443192.168.2.5204.79.197.219
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.291173935 CET44350011204.79.197.219192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.364578962 CET4435000120.110.205.119192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.364844084 CET50001443192.168.2.520.110.205.119
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.364869118 CET4435000120.110.205.119192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.365253925 CET4435000120.110.205.119192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.365663052 CET50001443192.168.2.520.110.205.119
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.365732908 CET4435000120.110.205.119192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.365870953 CET50001443192.168.2.520.110.205.119
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.376844883 CET4435000013.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.377159119 CET50000443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.377182961 CET4435000013.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.377520084 CET4434999918.238.49.52192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.377712011 CET4435000013.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.377827883 CET4434999918.238.49.52192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.377890110 CET49999443192.168.2.518.238.49.52
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.378079891 CET50000443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.378164053 CET4435000013.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.379894972 CET50000443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.380217075 CET4434999620.42.73.26192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.380287886 CET4434999620.42.73.26192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.380522966 CET49996443192.168.2.520.42.73.26
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.381138086 CET49996443192.168.2.520.42.73.26
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.381155968 CET4434999620.42.73.26192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.393157959 CET49999443192.168.2.518.238.49.52
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.393157959 CET49999443192.168.2.518.238.49.52
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.393188953 CET4434999918.238.49.52192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.393254995 CET49999443192.168.2.518.238.49.52
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.409831047 CET50001443192.168.2.520.110.205.119
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.409854889 CET4435000120.110.205.119192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.423347950 CET4435000013.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.449707985 CET4434999820.96.153.111192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.449961901 CET4434999820.96.153.111192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.450093031 CET49998443192.168.2.520.96.153.111
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.450509071 CET49998443192.168.2.520.96.153.111
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.450529099 CET4434999820.96.153.111192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.457094908 CET50014443192.168.2.520.96.153.111
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.457144976 CET4435001420.96.153.111192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.457217932 CET50014443192.168.2.520.96.153.111
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.457675934 CET50014443192.168.2.520.96.153.111
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.457695007 CET4435001420.96.153.111192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.821024895 CET4435000013.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.821044922 CET4435000013.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.821118116 CET50000443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.821126938 CET4435000013.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.822077990 CET50000443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.822124958 CET4435000013.107.246.38192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.822246075 CET50000443192.168.2.513.107.246.38
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.827439070 CET4435000120.110.205.119192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.827548981 CET4435000120.110.205.119192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.827620983 CET50001443192.168.2.520.110.205.119
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.829441071 CET50001443192.168.2.520.110.205.119
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.829467058 CET4435000120.110.205.119192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.124528885 CET44350002149.154.167.220192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.125435114 CET50002443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.125467062 CET44350002149.154.167.220192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.126683950 CET44350002149.154.167.220192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.126832962 CET50002443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.128861904 CET50002443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.129009962 CET50002443192.168.2.5149.154.167.220
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.544881105 CET4435000923.57.90.148192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.545151949 CET50009443192.168.2.523.57.90.148
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.545175076 CET4435000923.57.90.148192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.546269894 CET4435000923.57.90.148192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.546339989 CET50009443192.168.2.523.57.90.148
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.547539949 CET50009443192.168.2.523.57.90.148
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.547609091 CET4435000923.57.90.148192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.567778111 CET4435000413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.568351030 CET50004443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.568381071 CET4435000413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.568881989 CET50004443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.568886995 CET4435000413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.587348938 CET4435000823.57.90.148192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.587667942 CET50008443192.168.2.523.57.90.148
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.587682009 CET4435000823.57.90.148192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.589059114 CET50009443192.168.2.523.57.90.148
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.589080095 CET4435000923.57.90.148192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.589198112 CET4435000823.57.90.148192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.589277029 CET50008443192.168.2.523.57.90.148
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.590464115 CET50008443192.168.2.523.57.90.148
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.590569019 CET4435000823.57.90.148192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.632409096 CET50008443192.168.2.523.57.90.148
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.632421017 CET4435000823.57.90.148192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.632457018 CET50009443192.168.2.523.57.90.148
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.679244041 CET50008443192.168.2.523.57.90.148
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.815495014 CET4435000313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.816207886 CET50003443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.816229105 CET4435000313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.816725016 CET50003443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.816731930 CET4435000313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.824177980 CET4435000613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.824806929 CET50006443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.824841022 CET4435000613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.825428963 CET50006443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.825433969 CET4435000613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.825485945 CET4435000513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.825807095 CET50005443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.825828075 CET4435000513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.826216936 CET50005443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.826221943 CET4435000513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.830319881 CET44350011204.79.197.219192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.830629110 CET50011443192.168.2.5204.79.197.219
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.830648899 CET44350011204.79.197.219192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.831733942 CET44350011204.79.197.219192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.831891060 CET50011443192.168.2.5204.79.197.219
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.833460093 CET50011443192.168.2.5204.79.197.219
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.833573103 CET44350011204.79.197.219192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.834230900 CET44350010204.79.197.219192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.834577084 CET50010443192.168.2.5204.79.197.219
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.834611893 CET44350010204.79.197.219192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.834825039 CET4435000713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.835401058 CET50007443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.835416079 CET4435000713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.835941076 CET50007443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.835947037 CET4435000713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.836066008 CET44350010204.79.197.219192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.836138964 CET50010443192.168.2.5204.79.197.219
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.837172031 CET50010443192.168.2.5204.79.197.219
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.837251902 CET44350010204.79.197.219192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.882342100 CET50010443192.168.2.5204.79.197.219
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.882356882 CET50011443192.168.2.5204.79.197.219
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.882369041 CET44350010204.79.197.219192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.882381916 CET44350011204.79.197.219192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.929203033 CET50010443192.168.2.5204.79.197.219
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.929215908 CET50011443192.168.2.5204.79.197.219
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.011132956 CET4435000413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.014236927 CET4435000413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.014342070 CET50004443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.039155960 CET50004443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.039189100 CET4435000413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.039203882 CET50004443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.039213896 CET4435000413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.055048943 CET50015443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.055098057 CET4435001513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.056906939 CET50015443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.057334900 CET50015443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.057347059 CET4435001513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.072741985 CET4435001420.96.153.111192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.073748112 CET50014443192.168.2.520.96.153.111
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.073764086 CET4435001420.96.153.111192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.074151993 CET4435001420.96.153.111192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.076778889 CET50014443192.168.2.520.96.153.111
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.076849937 CET4435001420.96.153.111192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.077076912 CET50014443192.168.2.520.96.153.111
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.119339943 CET4435001420.96.153.111192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.276400089 CET4435000613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.277507067 CET4435000713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.278620005 CET4435000513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.279429913 CET4435000613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.279541969 CET50006443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.279584885 CET50006443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.279597998 CET4435000613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.279608965 CET50006443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.279614925 CET4435000613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.280843973 CET4435000713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.280895948 CET50007443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.280896902 CET4435000713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.280965090 CET50007443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.281791925 CET4435000513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.281852961 CET50005443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.281899929 CET50007443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.281899929 CET50007443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.281912088 CET4435000713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.281920910 CET4435000713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.282921076 CET50005443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.282926083 CET4435000513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.282943964 CET50005443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.282948971 CET4435000513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.334011078 CET4435000313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.337054014 CET4435000313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.337132931 CET4435000313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.337205887 CET50003443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.360614061 CET50016443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.360668898 CET4435001613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.360816002 CET50016443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.376283884 CET50017443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.376327991 CET4435001713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.376588106 CET50017443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.400080919 CET50003443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.400096893 CET4435000313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.412115097 CET50016443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.412146091 CET4435001613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.412276030 CET50017443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.412292004 CET4435001713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.578089952 CET4435001420.96.153.111192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.578114986 CET4435001420.96.153.111192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.578196049 CET50014443192.168.2.520.96.153.111
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.578211069 CET4435001420.96.153.111192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.578223944 CET4435001420.96.153.111192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.578280926 CET50014443192.168.2.520.96.153.111
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.629136086 CET50014443192.168.2.520.96.153.111
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.629753113 CET4435001420.96.153.111192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.683525085 CET50018443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.683583975 CET4435001813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.683655024 CET50018443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.685301065 CET50018443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.685326099 CET4435001813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.698960066 CET50019443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.698995113 CET4435001913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.699059963 CET50019443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.699279070 CET50019443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.699294090 CET4435001913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.930594921 CET50020443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.930641890 CET44350020104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.930742979 CET50020443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.930936098 CET50020443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.930964947 CET44350020104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.932826042 CET50021443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.932874918 CET44350021104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.932925940 CET50021443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.933223963 CET50021443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.933233976 CET44350021104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.936834097 CET50022443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.936858892 CET44350022104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.936922073 CET50022443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.937064886 CET50022443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.937079906 CET44350022104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.061477900 CET50023443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.061517954 CET44350023104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.061624050 CET50023443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.062611103 CET50023443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.062629938 CET44350023104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.073744059 CET50024443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.073785067 CET44350024104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.073843956 CET50024443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.074424982 CET50024443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.074446917 CET44350024104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.093024015 CET50025443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.093055010 CET44350025104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.093168020 CET50025443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.094165087 CET50025443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.094181061 CET44350025104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.774234056 CET4435001513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.776216030 CET50015443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.776228905 CET4435001513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.776926041 CET50015443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.776932001 CET4435001513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.190757036 CET4435001713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.191771984 CET50017443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.191797018 CET4435001713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.192301035 CET50017443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.192306995 CET4435001713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.193661928 CET44350021104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.193958998 CET50021443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.193968058 CET44350021104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.194338083 CET44350021104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.196855068 CET44350022104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.197211981 CET50022443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.197240114 CET44350022104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.197436094 CET50021443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.197490931 CET44350021104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.197604895 CET50021443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.198442936 CET44350022104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.198524952 CET50022443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.198972940 CET50022443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.199050903 CET50022443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.199055910 CET44350022104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.199088097 CET44350022104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.210352898 CET4435001513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.214318991 CET4435001513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.215307951 CET50015443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.215336084 CET50015443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.215336084 CET50015443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.215351105 CET4435001513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.215361118 CET4435001513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.218328953 CET50026443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.218370914 CET4435002613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.221009016 CET50026443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.221169949 CET50026443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.221187115 CET4435002613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.237850904 CET44350020104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.238841057 CET50020443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.238858938 CET44350020104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.239403009 CET44350020104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.239914894 CET50020443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.240006924 CET44350020104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.240122080 CET50020443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.243335009 CET44350021104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.253108025 CET50022443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.253119946 CET44350022104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.278796911 CET4435001613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.282977104 CET50016443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.283004045 CET4435001613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.283488989 CET50016443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.283494949 CET4435001613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.287342072 CET44350020104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.299952030 CET50022443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.325352907 CET44350023104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.328233957 CET50023443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.328248024 CET44350023104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.329705954 CET44350023104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.329811096 CET50023443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.330338001 CET50023443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.330511093 CET44350023104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.330678940 CET50023443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.330688953 CET44350023104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.337333918 CET44350024104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.337536097 CET50024443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.337567091 CET44350024104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.339026928 CET44350024104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.339099884 CET50024443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.339425087 CET50024443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.339524984 CET44350024104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.339627981 CET50024443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.339637995 CET44350024104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.378137112 CET50023443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.393695116 CET50024443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.407835007 CET44350025104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.408126116 CET50025443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.408153057 CET44350025104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.409816027 CET44350025104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.409879923 CET50025443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.410259962 CET50025443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.410352945 CET44350025104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.410398960 CET50025443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.451328993 CET44350025104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.463545084 CET50025443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.463576078 CET44350025104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.480331898 CET4435001913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.481916904 CET50019443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.481945038 CET4435001913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.482615948 CET50019443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.482624054 CET4435001913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.516335964 CET50025443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.528687000 CET4435001813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.529197931 CET50018443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.529222012 CET4435001813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.529717922 CET50018443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.529726028 CET4435001813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.641324043 CET4435001713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.644449949 CET4435001713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.644500971 CET50017443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.644505978 CET4435001713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.644582033 CET50017443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.644638062 CET50017443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.644650936 CET4435001713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.644661903 CET50017443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.644668102 CET4435001713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.648298025 CET50027443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.648339033 CET4435002713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.648415089 CET50027443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.648596048 CET50027443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.648616076 CET4435002713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.680000067 CET44349928172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.680093050 CET44349928172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.680147886 CET49928443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.704116106 CET44349925172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.704212904 CET44349925172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.704293966 CET49925443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.708770037 CET44349926162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.708940983 CET44349926162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.709013939 CET49926443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.709218025 CET44349927162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.709291935 CET44349927162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.709367037 CET49927443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.737709999 CET4435001613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.740951061 CET4435001613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.741818905 CET50016443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.741892099 CET50016443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.741914988 CET50016443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.741915941 CET4435001613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.741921902 CET4435001613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.742691994 CET44349923172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.742887974 CET44349923172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.742925882 CET44349924172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.742945910 CET49923443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.743053913 CET44349924172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.743165016 CET49924443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.746385098 CET50028443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.746421099 CET4435002813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.746484995 CET50028443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.746926069 CET50028443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.746949911 CET4435002813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.767996073 CET44350021104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.768021107 CET44350021104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.768040895 CET44350021104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.768095016 CET50021443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.768102884 CET44350021104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.768125057 CET50021443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.768173933 CET50021443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.780569077 CET44350023104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.780597925 CET44350023104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.780682087 CET44350023104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.780745983 CET50023443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.781478882 CET50023443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.781491995 CET44350023104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.790651083 CET44350024104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.790929079 CET44350024104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.791011095 CET50024443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.804883957 CET50024443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.804898977 CET44350024104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.919730902 CET44350020104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.919760942 CET44350020104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.919770002 CET44350020104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.919806957 CET50020443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.919833899 CET44350020104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.919872999 CET50020443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.919909954 CET50020443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.145035982 CET44350022104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.145070076 CET44350022104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.145078897 CET44350022104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.145101070 CET44350022104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.145109892 CET44350022104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.145119905 CET44350022104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.145145893 CET50022443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.145163059 CET44350022104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.145209074 CET50022443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.145225048 CET50022443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.145256042 CET44350025104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.145282030 CET44350025104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.145289898 CET44350025104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.145328999 CET50025443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.145364046 CET44350025104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.145379066 CET50025443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.145390987 CET44350025104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.145441055 CET50025443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.145500898 CET44350021104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.145510912 CET44350021104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.145545959 CET44350021104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.145550966 CET44350022104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.145561934 CET44350022104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.145571947 CET50021443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.145580053 CET44350021104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.145610094 CET50021443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.145613909 CET44350021104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.145616055 CET44350022104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.145647049 CET50022443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.145647049 CET50022443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.145653009 CET50021443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.145657063 CET44350021104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.145658016 CET44350022104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.145693064 CET50022443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.145715952 CET44350022104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.145730972 CET50022443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.145734072 CET50021443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.145739079 CET44350022104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.146318913 CET44350020104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.146327972 CET44350020104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.146343946 CET44349931162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.146372080 CET44350020104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.146393061 CET44349932162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.146414995 CET44349931162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.146424055 CET50020443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.146424055 CET50022443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.146433115 CET44350020104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.146454096 CET50020443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.146465063 CET44349932162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.146475077 CET49931443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.146477938 CET44349930162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.146513939 CET50020443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.146522045 CET49932443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.146574974 CET44349929162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.146575928 CET44349930162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.146604061 CET44349929162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.146622896 CET49930443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.146637917 CET49929443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.146728992 CET4435001813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.146771908 CET4435001813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.146827936 CET50018443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.146917105 CET4435001913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.147208929 CET4435001913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.147258997 CET50019443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.148612022 CET50018443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.148632050 CET4435001813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.148647070 CET50018443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.148653984 CET4435001813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.149652958 CET50019443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.149662018 CET4435001913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.149673939 CET50019443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.149682999 CET4435001913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.155180931 CET50025443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.155186892 CET44350025104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.159205914 CET44350021104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.159229040 CET44350021104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.159311056 CET50021443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.159321070 CET44350021104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.159333944 CET50021443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.159508944 CET50021443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.161902905 CET50029443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.161923885 CET4435002913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.162538052 CET50030443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.162559986 CET4435003013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.162590981 CET50029443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.162730932 CET50030443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.268383980 CET44350020104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.268412113 CET44350020104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.268544912 CET50020443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.268577099 CET44350020104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.271331072 CET50020443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.274784088 CET44350022104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.274822950 CET44350022104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.274873972 CET50022443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.274888039 CET44350022104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.274931908 CET50022443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.274931908 CET50022443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.293123007 CET44350021104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.293144941 CET44350021104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.293323994 CET50021443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.293330908 CET44350021104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.293375015 CET50021443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.305839062 CET44350020104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.305865049 CET44350020104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.305962086 CET50020443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.305980921 CET44350020104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.305995941 CET50020443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.306036949 CET50020443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.310718060 CET44350021104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.310806990 CET50021443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.318248034 CET44350022104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.318269968 CET44350022104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.318401098 CET50022443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.318401098 CET50022443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.318418026 CET44350022104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.318480968 CET50022443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.328136921 CET44350021104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.328255892 CET44350021104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.328274012 CET50021443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.328363895 CET50021443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.329413891 CET44350020104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.329499006 CET50020443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.336935997 CET44350022104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.337040901 CET50022443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.343240023 CET44350022104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.343302965 CET44350022104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.343377113 CET50022443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.353149891 CET44350020104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.353212118 CET44350020104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.353283882 CET50020443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.437870026 CET50029443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.437892914 CET4435002913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.441469908 CET50030443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.441497087 CET4435003013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.608057976 CET50021443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.608083963 CET44350021104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.608722925 CET50022443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.608750105 CET44350022104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.609314919 CET50020443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.609327078 CET44350020104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.921271086 CET49927443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.921305895 CET44349927162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.921443939 CET49932443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.921459913 CET49926443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.921468019 CET44349932162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.921483994 CET44349926162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.921494961 CET49931443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.921530008 CET44349931162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.921613932 CET49929443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.921624899 CET44349929162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.921655893 CET49930443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.921695948 CET44349930162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.922055006 CET50031443192.168.2.520.42.73.26
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.922096014 CET4435003120.42.73.26192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.922214985 CET50031443192.168.2.520.42.73.26
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.922765970 CET50031443192.168.2.520.42.73.26
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.922780037 CET4435003120.42.73.26192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.044011116 CET4435002613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.044590950 CET50026443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.044629097 CET4435002613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.045098066 CET50026443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.045114040 CET4435002613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.272885084 CET50032443192.168.2.520.42.73.26
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.272923946 CET4435003220.42.73.26192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.273006916 CET50032443192.168.2.520.42.73.26
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.273631096 CET50032443192.168.2.520.42.73.26
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.273643970 CET4435003220.42.73.26192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.486991882 CET4435002613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.490493059 CET4435002613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.490570068 CET50026443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.490814924 CET50026443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.490840912 CET4435002613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.490854025 CET50026443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.490860939 CET4435002613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.494318008 CET50033443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.494343042 CET4435003313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.494434118 CET50033443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.494672060 CET50033443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.494688034 CET4435003313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.515438080 CET4435002713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.515938044 CET50027443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.515949965 CET4435002713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.516431093 CET50027443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.516437054 CET4435002713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.850172043 CET50034443192.168.2.520.42.73.26
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.850214005 CET4435003420.42.73.26192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.850331068 CET50034443192.168.2.520.42.73.26
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.850647926 CET50034443192.168.2.520.42.73.26
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.850667953 CET4435003420.42.73.26192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.907581091 CET4435002813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.908349037 CET50028443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.908366919 CET4435002813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.908844948 CET50028443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.908850908 CET4435002813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.934051991 CET50035443192.168.2.520.42.73.26
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.934098959 CET4435003520.42.73.26192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.934170961 CET50035443192.168.2.520.42.73.26
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.934603930 CET50035443192.168.2.520.42.73.26
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.934619904 CET4435003520.42.73.26192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.950037003 CET4435002713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.953058958 CET4435002713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.953227997 CET50027443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.953630924 CET50027443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.953630924 CET50027443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.953648090 CET4435002713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.953656912 CET4435002713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.957552910 CET50036443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.957586050 CET4435003613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.957664013 CET50036443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.957808971 CET50036443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.957823038 CET4435003613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.180052042 CET4435003013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.180718899 CET50030443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.180747032 CET4435003013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.181091070 CET50030443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.181099892 CET4435003013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.298558950 CET4435002913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.300575018 CET50029443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.300591946 CET4435002913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.301121950 CET50029443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.301126957 CET4435002913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.359733105 CET4435002813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.367301941 CET4435002813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.368100882 CET50028443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.368376970 CET50028443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.368376970 CET50028443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.368396044 CET4435002813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.368406057 CET4435002813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.372965097 CET50037443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.372996092 CET4435003713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.376629114 CET50037443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.376629114 CET50037443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.376662016 CET4435003713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.534216881 CET4435003120.42.73.26192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.537175894 CET50031443192.168.2.520.42.73.26
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.537197113 CET4435003120.42.73.26192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.537576914 CET4435003120.42.73.26192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.537949085 CET50031443192.168.2.520.42.73.26
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.538013935 CET4435003120.42.73.26192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.538173914 CET50031443192.168.2.520.42.73.26
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.538204908 CET50031443192.168.2.520.42.73.26
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.538264990 CET4435003120.42.73.26192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.616467953 CET4435003013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.619596958 CET4435003013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.619668007 CET4435003013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.619693041 CET50030443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.619735003 CET50030443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.619831085 CET50030443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.619831085 CET50030443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.619848967 CET4435003013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.619857073 CET4435003013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.622672081 CET50038443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.622723103 CET4435003813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.622802973 CET50038443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.623083115 CET50038443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.623116970 CET4435003813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.751646042 CET4435002913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.754746914 CET4435002913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.754821062 CET50029443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.754884958 CET50029443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.754884958 CET50029443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.754900932 CET4435002913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.754911900 CET4435002913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.757781982 CET50039443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.757819891 CET4435003913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.757916927 CET50039443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.758085966 CET50039443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.758110046 CET4435003913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.925417900 CET4435003220.42.73.26192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.936125994 CET50032443192.168.2.520.42.73.26
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.936141968 CET4435003220.42.73.26192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.936549902 CET4435003220.42.73.26192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.937565088 CET50032443192.168.2.520.42.73.26
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.937629938 CET4435003220.42.73.26192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.937827110 CET50032443192.168.2.520.42.73.26
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.937851906 CET50032443192.168.2.520.42.73.26
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.937903881 CET4435003220.42.73.26192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.274758101 CET4435003313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.315587997 CET50033443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.410614014 CET4435003220.42.73.26192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.410701036 CET4435003220.42.73.26192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.410783052 CET50032443192.168.2.520.42.73.26
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.410789967 CET50033443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.410806894 CET4435003313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.411412954 CET50033443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.411418915 CET4435003313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.475195885 CET4435003120.42.73.26192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.476180077 CET4435003120.42.73.26192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.476267099 CET50031443192.168.2.520.42.73.26
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.490724087 CET50032443192.168.2.520.42.73.26
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.490758896 CET4435003220.42.73.26192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.493021965 CET50031443192.168.2.520.42.73.26
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.493041992 CET4435003120.42.73.26192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.526705980 CET4435003420.42.73.26192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.546972990 CET50034443192.168.2.520.42.73.26
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.546993017 CET4435003420.42.73.26192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.548510075 CET4435003420.42.73.26192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.548597097 CET50034443192.168.2.520.42.73.26
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.549738884 CET50034443192.168.2.520.42.73.26
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.549824953 CET4435003420.42.73.26192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.550080061 CET50034443192.168.2.520.42.73.26
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.550095081 CET4435003420.42.73.26192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.550120115 CET50034443192.168.2.520.42.73.26
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.550189018 CET4435003420.42.73.26192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.596816063 CET50034443192.168.2.520.42.73.26
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.632946014 CET4435003520.42.73.26192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.634747028 CET50035443192.168.2.520.42.73.26
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.634761095 CET4435003520.42.73.26192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.636389017 CET4435003520.42.73.26192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.636471987 CET50035443192.168.2.520.42.73.26
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.637161016 CET50035443192.168.2.520.42.73.26
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.637268066 CET4435003520.42.73.26192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.637528896 CET50035443192.168.2.520.42.73.26
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.637537003 CET4435003520.42.73.26192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.637649059 CET50035443192.168.2.520.42.73.26
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.637701035 CET4435003520.42.73.26192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.738034964 CET4435003313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.741424084 CET4435003313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.741578102 CET50033443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.743412018 CET50033443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.743428946 CET4435003313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.746646881 CET4435003613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.747396946 CET50036443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.747417927 CET4435003613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.748157024 CET50036443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.748163939 CET4435003613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.756767988 CET50040443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.756817102 CET4435004013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.756895065 CET50040443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.757065058 CET50040443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.757086992 CET4435004013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.160593987 CET4435003713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.161358118 CET50037443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.161371946 CET4435003713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.162049055 CET50037443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.162064075 CET4435003713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.219877958 CET4435003613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.222779989 CET4435003613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.222852945 CET50036443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.222908974 CET50036443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.222929955 CET4435003613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.222964048 CET50036443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.222973108 CET4435003613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.226706028 CET50041443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.226744890 CET4435004113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.226818085 CET50041443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.226959944 CET50041443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.226988077 CET4435004113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.407423019 CET4435003813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.408534050 CET50038443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.408534050 CET50038443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.408548117 CET4435003813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.408565044 CET4435003813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.601988077 CET4435003913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.602554083 CET50039443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.602577925 CET4435003913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.603089094 CET50039443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.603127956 CET4435003913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.606192112 CET4435003713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.609194040 CET4435003713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.609273911 CET50037443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.609384060 CET50037443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.609384060 CET50037443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.609405994 CET4435003713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.609419107 CET4435003713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.612721920 CET50042443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.612766981 CET4435004213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.612843037 CET50042443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.612992048 CET50042443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.613002062 CET4435004213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.854008913 CET4435003813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.854031086 CET4435003813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.854119062 CET50038443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.854131937 CET4435003813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.855020046 CET50038443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.855029106 CET4435003813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.855127096 CET50038443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.855214119 CET4435003813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.855251074 CET4435003813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.855297089 CET50038443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.858118057 CET50043443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.858171940 CET4435004313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.859395981 CET50043443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.859545946 CET50043443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.859563112 CET4435004313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.057243109 CET4435003913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.060406923 CET4435003913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.060467958 CET4435003913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.060563087 CET50039443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.060633898 CET50039443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.060652018 CET4435003913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.060663939 CET50039443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.060671091 CET4435003913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.064378977 CET50044443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.064412117 CET4435004413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.065757036 CET50044443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.065902948 CET50044443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.065917015 CET4435004413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.171911955 CET4434994523.57.90.144192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.171992064 CET4434994523.57.90.144192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.172056913 CET49945443192.168.2.523.57.90.144
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.266668081 CET4435003420.42.73.26192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.266747952 CET4435003420.42.73.26192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.267077923 CET50034443192.168.2.520.42.73.26
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.267467022 CET50034443192.168.2.520.42.73.26
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.267467022 CET50034443192.168.2.520.42.73.26
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.267489910 CET4435003420.42.73.26192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.267585993 CET50034443192.168.2.520.42.73.26
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.269917965 CET4434994423.57.90.144192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.270009041 CET4434994423.57.90.144192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.270076990 CET49944443192.168.2.523.57.90.144
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.440177917 CET4435003520.42.73.26192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.440264940 CET4435003520.42.73.26192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.440871954 CET50035443192.168.2.520.42.73.26
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.440937042 CET4435003520.42.73.26192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.440965891 CET50035443192.168.2.520.42.73.26
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.443573952 CET50035443192.168.2.520.42.73.26
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.561623096 CET4435004013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.562227011 CET50040443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.562259912 CET4435004013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.562731981 CET50040443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.562740088 CET4435004013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.913933039 CET4434995323.57.90.154192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.914063931 CET4434995323.57.90.154192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.914113998 CET49953443192.168.2.523.57.90.154
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.005454063 CET4435004013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.008584023 CET4435004013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.008630991 CET4435004013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.008651018 CET50040443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.008708954 CET50040443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.018302917 CET50040443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.018332005 CET4435004013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.018346071 CET50040443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.018354893 CET4435004013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.022157907 CET50045443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.022192001 CET4435004513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.023387909 CET50045443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.023557901 CET50045443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.023581028 CET4435004513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.046221018 CET4435004113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.046942949 CET50041443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.046962976 CET4435004113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.047545910 CET50041443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.047550917 CET4435004113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.479593039 CET4435004213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.485655069 CET50042443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.485696077 CET4435004213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.486541986 CET50042443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.486548901 CET4435004213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.489582062 CET4435004113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.493056059 CET4435004113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.493128061 CET50041443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.496541977 CET50041443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.496571064 CET4435004113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.496583939 CET50041443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.496591091 CET4435004113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.511549950 CET50046443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.511603117 CET4435004613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.511670113 CET50046443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.512195110 CET50046443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.512211084 CET4435004613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.666501999 CET4435004313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.667376041 CET50043443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.667399883 CET4435004313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.668087959 CET50043443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.668093920 CET4435004313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.880436897 CET4435004413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.880979061 CET50044443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.881005049 CET4435004413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.881618023 CET50044443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.881628990 CET4435004413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.922509909 CET49953443192.168.2.523.57.90.154
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.922535896 CET4434995323.57.90.154192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.922733068 CET49944443192.168.2.523.57.90.144
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.922739983 CET4434994423.57.90.144192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.922775030 CET49945443192.168.2.523.57.90.144
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.922816038 CET4434994523.57.90.144192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.923336983 CET50047443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.923384905 CET44350047104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.923819065 CET50047443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.924104929 CET50047443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.924134970 CET44350047104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.943907976 CET4435004213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.946953058 CET4435004213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.947012901 CET4435004213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.947047949 CET50042443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.947082996 CET50042443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.947144032 CET50042443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.947173119 CET4435004213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.947186947 CET50042443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.947195053 CET4435004213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.950711966 CET50048443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.950778008 CET4435004813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.950846910 CET50048443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.951011896 CET50048443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.951025963 CET4435004813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:39.109769106 CET4435004313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:39.109841108 CET4435004313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:39.110095024 CET50043443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:39.110138893 CET50043443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:39.110156059 CET4435004313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:39.110165119 CET50043443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:39.110172033 CET4435004313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:39.114154100 CET50049443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:39.114188910 CET4435004913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:39.114262104 CET50049443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:39.114453077 CET50049443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:39.114470005 CET4435004913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:39.327821970 CET4435004413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:39.327843904 CET4435004413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:39.327930927 CET50044443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:39.327965975 CET4435004413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:39.328238964 CET50044443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:39.328253984 CET4435004413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:39.328279018 CET50044443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:39.328562975 CET4435004413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:39.328593969 CET4435004413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:39.329014063 CET50044443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:39.331828117 CET50050443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:39.331876993 CET4435005013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:39.331954956 CET50050443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:39.332125902 CET50050443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:39.332144976 CET4435005013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:39.805377007 CET4435004513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:39.806169033 CET50045443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:39.806195021 CET4435004513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:39.806683064 CET50045443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:39.806690931 CET4435004513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:40.140913963 CET44350047104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:40.141257048 CET50047443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:40.141284943 CET44350047104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:40.142355919 CET44350047104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:40.142484903 CET50047443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:40.142848969 CET50047443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:40.142925024 CET44350047104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:40.143079996 CET50047443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:40.143093109 CET44350047104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:40.190613985 CET50047443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:40.251497030 CET4435004513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:40.254653931 CET4435004513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:40.254724979 CET4435004513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:40.254749060 CET50045443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:40.254806042 CET50045443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:40.254826069 CET50045443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:40.254848003 CET4435004513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:40.254861116 CET50045443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:40.254868031 CET4435004513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:40.259356976 CET50051443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:40.259407043 CET4435005113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:40.259783983 CET50051443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:40.259783983 CET50051443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:40.259816885 CET4435005113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:40.292465925 CET4435004613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:40.293129921 CET50046443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:40.293163061 CET4435004613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:40.293765068 CET50046443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:40.293772936 CET4435004613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:40.576518059 CET44350047104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:40.576540947 CET44350047104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:40.576602936 CET50047443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:40.576606035 CET44350047104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:40.576668978 CET50047443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:40.579334021 CET50047443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:40.579361916 CET44350047104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:40.585625887 CET50052443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:40.585664988 CET44350052104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:40.585840940 CET50052443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:40.586242914 CET50052443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:40.586252928 CET44350052104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:40.728298903 CET4435004813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:40.728904963 CET50048443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:40.728919029 CET4435004813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:40.729552984 CET50048443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:40.729557991 CET4435004813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:40.740839005 CET4435004613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:40.740870953 CET4435004613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:40.740921021 CET4435004613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:40.740928888 CET50046443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:40.740979910 CET50046443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:40.741197109 CET50046443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:40.741213083 CET4435004613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:40.741229057 CET50046443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:40.741236925 CET4435004613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:40.745868921 CET50053443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:40.745913982 CET4435005313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:40.746006012 CET50053443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:40.746606112 CET50053443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:40.746618986 CET4435005313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:40.909291029 CET4435004913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:40.910681963 CET50049443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:40.910717010 CET4435004913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:40.911354065 CET50049443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:40.911360979 CET4435004913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:41.110939026 CET4435005013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:41.112207890 CET50050443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:41.112236977 CET4435005013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:41.113727093 CET50050443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:41.113733053 CET4435005013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:41.176115036 CET4435004813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:41.179554939 CET4435004813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:41.179635048 CET50048443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:41.179717064 CET50048443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:41.179733992 CET4435004813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:41.179744959 CET50048443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:41.179752111 CET4435004813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:41.182863951 CET50054443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:41.182907104 CET4435005413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:41.183056116 CET50054443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:41.183255911 CET50054443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:41.183267117 CET4435005413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:41.354904890 CET4435004913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:41.357861996 CET4435004913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:41.357933998 CET50049443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:41.358028889 CET50049443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:41.358047962 CET4435004913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:41.358089924 CET50049443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:41.358097076 CET4435004913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:41.361170053 CET50055443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:41.361207962 CET4435005513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:41.361284018 CET50055443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:41.361498117 CET50055443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:41.361524105 CET4435005513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:41.558850050 CET4435005013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:41.562798977 CET4435005013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:41.562874079 CET50050443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:41.562958002 CET50050443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:41.562975883 CET4435005013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:41.562987089 CET50050443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:41.562993050 CET4435005013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:41.566694975 CET50056443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:41.566726923 CET4435005613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:41.566831112 CET50056443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:41.567013025 CET50056443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:41.567025900 CET4435005613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:41.890764952 CET44350052104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:41.891403913 CET50052443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:41.891416073 CET44350052104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:41.891807079 CET44350052104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:41.892887115 CET50052443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:41.892995119 CET44350052104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:41.893125057 CET50052443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:41.939330101 CET44350052104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:41.940587044 CET50052443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:42.220285892 CET4435005113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:42.220884085 CET50051443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:42.220918894 CET4435005113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:42.221390963 CET50051443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:42.221398115 CET4435005113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:42.352638960 CET44350052104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:42.352670908 CET44350052104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:42.352679014 CET44350052104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:42.352763891 CET44350052104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:42.352771997 CET50052443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:42.352869987 CET50052443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:42.354609013 CET50052443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:42.354625940 CET44350052104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:42.362966061 CET50057443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:42.363034964 CET44350057104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:42.363193989 CET50057443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:42.363583088 CET50057443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:42.363606930 CET44350057104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:42.562747955 CET4434997423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:42.562819004 CET4434997423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:42.563694000 CET49974443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:42.588602066 CET4435005313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:42.589190960 CET50053443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:42.589226007 CET4435005313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:42.589705944 CET50053443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:42.589713097 CET4435005313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:42.644598007 CET4434997523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:42.644694090 CET4434997523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:42.644766092 CET49975443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:42.664176941 CET4435005113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:42.667503119 CET4435005113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:42.667553902 CET4435005113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:42.667686939 CET50051443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:42.667812109 CET50051443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:42.667841911 CET4435005113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:42.667855978 CET50051443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:42.667862892 CET4435005113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:42.670841932 CET50058443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:42.670886040 CET4435005813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:42.671242952 CET50058443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:42.671339035 CET50058443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:42.671346903 CET4435005813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:43.045711040 CET4435005513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:43.046295881 CET50055443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:43.046329975 CET4435005513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:43.046792030 CET50055443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:43.046797991 CET4435005513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:43.065499067 CET4435005313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:43.065572977 CET4435005313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:43.065639019 CET50053443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:43.066157103 CET50053443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:43.066178083 CET4435005313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:43.066185951 CET50053443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:43.066191912 CET4435005313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:43.069334030 CET50059443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:43.069386959 CET4435005913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:43.069607973 CET50059443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:43.069758892 CET50059443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:43.069793940 CET4435005913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:43.087877035 CET4435005413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:43.088299990 CET50054443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:43.088320971 CET4435005413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:43.088824987 CET50054443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:43.088829994 CET4435005413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:43.329607964 CET4435005613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:43.330364943 CET50056443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:43.330384016 CET4435005613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:43.330848932 CET50056443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:43.330853939 CET4435005613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:43.509239912 CET4435005513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:43.512366056 CET4435005513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:43.512444973 CET50055443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:43.512577057 CET50055443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:43.512593985 CET4435005513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:43.512607098 CET50055443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:43.512613058 CET4435005513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:43.516710997 CET50060443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:43.516726017 CET4435006013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:43.517395973 CET50060443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:43.517395973 CET50060443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:43.517436981 CET4435006013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:43.545006037 CET4435005413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:43.548154116 CET4435005413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:43.548191071 CET4435005413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:43.548255920 CET50054443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:43.548295975 CET50054443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:43.548315048 CET4435005413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:43.548330069 CET50054443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:43.548336029 CET4435005413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:43.551630020 CET50061443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:43.551673889 CET4435006113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:43.551938057 CET50061443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:43.558116913 CET50061443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:43.558134079 CET4435006113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:43.675928116 CET44350057104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:43.676290989 CET50057443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:43.676321983 CET44350057104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:43.676650047 CET44350057104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:43.677237034 CET50057443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:43.677284956 CET44350057104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:43.677474022 CET50057443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:43.723324060 CET44350057104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:43.765741110 CET4435005613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:43.768889904 CET4435005613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:43.768938065 CET4435005613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:43.768970966 CET50056443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:43.769049883 CET50056443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:43.769049883 CET50056443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:43.769049883 CET50056443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:43.772102118 CET50062443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:43.772130966 CET4435006213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:43.772546053 CET50062443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:43.772546053 CET50062443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:43.772569895 CET4435006213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:44.081269979 CET50056443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:44.081286907 CET4435005613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:44.305471897 CET44350057104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:44.305502892 CET44350057104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:44.305561066 CET50057443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:44.305577993 CET44350057104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:44.305633068 CET50057443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:44.306658030 CET50057443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:44.306683064 CET44350057104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:44.312419891 CET49974443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:44.312439919 CET4434997423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:44.312447071 CET49975443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:44.312478065 CET4434997523.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:44.313081026 CET50063443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:44.313128948 CET44350063104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:44.313265085 CET50063443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:44.313529015 CET50063443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:44.313541889 CET44350063104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:44.398303986 CET4435005813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:44.398884058 CET50058443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:44.398900986 CET4435005813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:44.399405003 CET50058443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:44.399413109 CET4435005813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:44.791908026 CET4435005913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:44.792598963 CET50059443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:44.792639971 CET4435005913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:44.793137074 CET50059443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:44.793143988 CET4435005913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:44.832746983 CET4435005813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:44.835855007 CET4435005813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:44.835956097 CET50058443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:44.836000919 CET50058443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:44.836000919 CET50058443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:44.836015940 CET4435005813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:44.836025953 CET4435005813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:44.840033054 CET50064443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:44.840089083 CET4435006413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:44.840157032 CET50064443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:44.840327978 CET50064443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:44.840344906 CET4435006413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:45.232047081 CET4435005913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:45.235152960 CET4435005913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:45.235250950 CET50059443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:45.235361099 CET50059443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:45.235388041 CET4435005913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:45.235403061 CET50059443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:45.235409975 CET4435005913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:45.241642952 CET50065443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:45.241693974 CET4435006513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:45.241842031 CET50065443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:45.241895914 CET4435006013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:45.242981911 CET50065443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:45.242995977 CET4435006513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:45.248158932 CET50060443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:45.248172998 CET4435006013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:45.248816013 CET50060443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:45.248821974 CET4435006013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:45.438539982 CET4435006113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:45.439306974 CET50061443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:45.439342976 CET4435006113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:45.439929008 CET50061443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:45.439934969 CET4435006113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:45.619384050 CET44350063104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:45.619698048 CET50063443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:45.619716883 CET44350063104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:45.620069027 CET44350063104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:45.620384932 CET50063443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:45.620440960 CET44350063104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:45.620543003 CET50063443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:45.663296938 CET4435006213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:45.663853884 CET50062443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:45.663887024 CET4435006213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:45.664391994 CET50062443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:45.664397955 CET4435006213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:45.667335987 CET44350063104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:45.687362909 CET4435006013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:45.687453032 CET4435006013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:45.687577963 CET50060443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:45.687665939 CET50060443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:45.687665939 CET50060443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:45.687681913 CET4435006013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:45.687690973 CET4435006013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:45.690479994 CET50066443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:45.690558910 CET4435006613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:45.690742970 CET50066443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:45.690912008 CET50066443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:45.690928936 CET4435006613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:45.873233080 CET4435006113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:45.878115892 CET4435006113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:45.878194094 CET50061443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:45.879082918 CET50061443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:45.879105091 CET4435006113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:45.879117966 CET50061443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:45.879125118 CET4435006113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:45.882937908 CET50067443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:45.882971048 CET4435006713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:45.883094072 CET50067443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:45.883240938 CET50067443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:45.883255005 CET4435006713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:46.084470987 CET44350063104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:46.084506035 CET44350063104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:46.084574938 CET50063443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:46.084603071 CET44350063104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:46.084655046 CET44350063104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:46.084709883 CET50063443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:46.085992098 CET50063443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:46.086014986 CET44350063104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:46.092340946 CET50068443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:46.092400074 CET44350068104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:46.092463970 CET50068443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:46.092803001 CET50068443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:46.092816114 CET44350068104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:46.110447884 CET4435006213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:46.113616943 CET4435006213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:46.115916967 CET50062443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:46.115978956 CET50062443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:46.115978956 CET50062443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:46.115997076 CET4435006213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:46.116010904 CET4435006213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:46.119606018 CET50069443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:46.119626999 CET4435006913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:46.119692087 CET50069443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:46.119978905 CET50069443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:46.119990110 CET4435006913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:46.618088007 CET4435006413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:46.618695021 CET50064443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:46.618751049 CET4435006413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:46.619204998 CET50064443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:46.619210958 CET4435006413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.054761887 CET4435006413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.054812908 CET4435006413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.054872990 CET4435006413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.054968119 CET50064443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.055265903 CET50064443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.055298090 CET4435006413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.055319071 CET50064443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.055325031 CET4435006413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.059185028 CET50070443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.059242010 CET4435007013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.059334993 CET50070443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.059515953 CET50070443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.059531927 CET4435007013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.162767887 CET4435006513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.163458109 CET50065443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.163480043 CET4435006513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.164061069 CET50065443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.164066076 CET4435006513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.401623964 CET44350068104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.402213097 CET50068443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.402234077 CET44350068104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.402575970 CET44350068104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.403120041 CET50068443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.403176069 CET44350068104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.403376102 CET50068443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.447339058 CET44350068104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.478548050 CET4435006613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.479304075 CET50066443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.479340076 CET4435006613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.479979038 CET50066443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.479984999 CET4435006613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.604130030 CET4435006713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.604703903 CET50067443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.604727030 CET4435006713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.605226040 CET50067443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.605231047 CET4435006713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.616086960 CET4435006513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.616200924 CET4435006513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.616274118 CET50065443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.616419077 CET50065443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.616442919 CET4435006513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.616452932 CET50065443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.616466999 CET4435006513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.619483948 CET50071443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.619519949 CET4435007113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.619762897 CET50071443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.619796038 CET50071443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.619801044 CET4435007113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.856101036 CET44350068104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.856143951 CET44350068104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.856232882 CET50068443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.856246948 CET44350068104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.856265068 CET44350068104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.856288910 CET50068443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.856332064 CET50068443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.858618975 CET50068443192.168.2.5104.117.182.59
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.858632088 CET44350068104.117.182.59192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.874376059 CET4435000923.57.90.148192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.874481916 CET4435000923.57.90.148192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.874545097 CET50009443192.168.2.523.57.90.148
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.920636892 CET4435000823.57.90.148192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.920731068 CET4435000823.57.90.148192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.920809031 CET50008443192.168.2.523.57.90.148
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.921981096 CET4435006613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.925112009 CET4435006613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.925179958 CET4435006613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.925266027 CET50066443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.925848007 CET50066443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.925870895 CET4435006613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.925884008 CET50066443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.925889969 CET4435006613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.929307938 CET50072443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.929347992 CET4435007213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.929459095 CET50072443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.929748058 CET50072443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.929763079 CET4435007213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.970391035 CET4435006913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.971246004 CET50069443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.971257925 CET4435006913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.971592903 CET50069443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.971599102 CET4435006913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:48.039021969 CET4435006713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:48.042175055 CET4435006713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:48.042603016 CET50067443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:48.043339968 CET50067443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:48.043339968 CET50067443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:48.043359995 CET4435006713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:48.043378115 CET4435006713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:48.063702106 CET50073443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:48.063756943 CET4435007313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:48.063852072 CET50073443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:48.064547062 CET50073443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:48.064563036 CET4435007313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:48.597523928 CET4435006913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:48.597559929 CET4435006913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:48.597609997 CET4435006913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:48.597703934 CET50069443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:48.597763062 CET50069443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:48.605782032 CET50069443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:48.605803013 CET4435006913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:48.606014967 CET50069443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:48.606021881 CET4435006913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:48.658443928 CET50074443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:48.658488989 CET4435007413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:48.658746958 CET50074443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:48.786824942 CET4435007013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:48.789223909 CET50074443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:48.789273977 CET4435007413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:48.793128967 CET50070443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:48.793143034 CET4435007013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:48.793735981 CET50070443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:48.793740988 CET4435007013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:49.223329067 CET4435007013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:49.226540089 CET4435007013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:49.226623058 CET50070443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:49.226694107 CET50070443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:49.226720095 CET4435007013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:49.226738930 CET50070443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:49.226744890 CET4435007013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:49.230012894 CET50075443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:49.230076075 CET4435007513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:49.230223894 CET50075443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:49.230526924 CET50075443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:49.230549097 CET4435007513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:49.465478897 CET4435007113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:49.466120958 CET50071443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:49.466139078 CET4435007113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:49.466624975 CET50071443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:49.466631889 CET4435007113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:49.856192112 CET4435007213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:49.857537985 CET50072443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:49.857553959 CET4435007213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:49.858314991 CET50072443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:49.858320951 CET4435007213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:49.917730093 CET4435007113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:49.921127081 CET4435007113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:49.921180964 CET4435007113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:49.921238899 CET50071443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:49.921336889 CET50071443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:49.921371937 CET50071443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:49.921391010 CET4435007113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:49.921417952 CET50071443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:49.921428919 CET4435007113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:49.924628973 CET50076443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:49.924689054 CET4435007613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:49.924846888 CET50076443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:49.925434113 CET50076443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:49.925450087 CET4435007613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:49.966008902 CET4435007313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:49.966569901 CET50073443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:49.966579914 CET4435007313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:49.967112064 CET50073443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:49.967118025 CET4435007313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:50.311942101 CET4435007213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:50.316436052 CET4435007213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:50.316505909 CET50072443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:50.323754072 CET50072443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:50.323780060 CET4435007213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:50.323791027 CET50072443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:50.323797941 CET4435007213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:50.326916933 CET50077443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:50.326970100 CET4435007713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:50.327131987 CET50077443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:50.327346087 CET50077443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:50.327358961 CET4435007713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:50.409778118 CET4435007313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:50.409836054 CET4435007313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:50.409904957 CET4435007313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:50.409907103 CET50073443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:50.410068989 CET50073443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:50.410326958 CET50073443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:50.410332918 CET4435007313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:50.410346985 CET50073443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:50.410351038 CET4435007313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:50.413286924 CET50078443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:50.413297892 CET4435007813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:50.413454056 CET50078443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:50.413605928 CET50078443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:50.413619041 CET4435007813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:50.579574108 CET4435007413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:50.580142975 CET50074443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:50.580167055 CET4435007413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:50.580636978 CET50074443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:50.580643892 CET4435007413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:50.950143099 CET4435007513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:50.950736046 CET50075443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:50.950758934 CET4435007513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:50.951248884 CET50075443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:50.951255083 CET4435007513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:51.029361963 CET4435007413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:51.029386044 CET4435007413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:51.029468060 CET50074443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:51.029498100 CET4435007413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:51.029824018 CET50074443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:51.029836893 CET4435007413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:51.029911041 CET50074443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:51.030020952 CET4435007413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:51.030065060 CET4435007413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:51.030113935 CET50074443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:51.045505047 CET50079443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:51.045562983 CET4435007913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:51.045641899 CET50079443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:51.045784950 CET50079443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:51.045798063 CET4435007913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:51.388297081 CET4435007513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:51.391422987 CET4435007513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:51.391488075 CET4435007513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:51.391597986 CET50075443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:51.395529032 CET50075443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:51.395553112 CET4435007513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:51.395590067 CET50075443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:51.395597935 CET4435007513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:51.558722019 CET50080443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:51.558770895 CET4435008013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:51.558892965 CET50080443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:51.565781116 CET50080443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:51.565799952 CET4435008013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:51.661983967 CET4435007613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:51.662954092 CET50076443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:51.662981033 CET4435007613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:51.663446903 CET50076443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:51.663454056 CET4435007613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:52.067003012 CET4435007713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:52.067555904 CET50077443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:52.067590952 CET4435007713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:52.068156004 CET50077443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:52.068161964 CET4435007713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:52.147623062 CET4435007613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:52.147799015 CET4435007613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:52.147861004 CET50076443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:52.148154020 CET50076443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:52.148186922 CET4435007613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:52.148204088 CET50076443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:52.148214102 CET4435007613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:52.151320934 CET50081443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:52.151350021 CET4435008113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:52.151434898 CET50081443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:52.151601076 CET50081443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:52.151612043 CET4435008113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:52.214051008 CET4435007813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:52.218344927 CET50078443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:52.218384981 CET4435007813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:52.218933105 CET50078443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:52.218941927 CET4435007813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:52.504744053 CET4435007713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:52.507802963 CET4435007713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:52.507864952 CET4435007713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:52.507864952 CET50077443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:52.507921934 CET50077443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:52.508032084 CET50077443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:52.508045912 CET4435007713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:52.508057117 CET50077443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:52.508061886 CET4435007713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:52.511415958 CET50082443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:52.511471033 CET4435008213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:52.511554956 CET50082443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:52.511734009 CET50082443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:52.511749983 CET4435008213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:52.647900105 CET4435007813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:52.647999048 CET4435007813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:52.648094893 CET50078443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:52.648324966 CET50078443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:52.648356915 CET4435007813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:52.648370981 CET50078443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:52.648377895 CET4435007813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:52.651885033 CET50083443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:52.651921034 CET4435008313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:52.652087927 CET50083443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:52.652271986 CET50083443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:52.652283907 CET4435008313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:52.881458998 CET4435007913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:52.902827978 CET50079443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:52.902849913 CET4435007913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:52.914699078 CET50079443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:52.914706945 CET4435007913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:53.315762043 CET4435008013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:53.317158937 CET50080443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:53.317240000 CET4435008013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:53.317790031 CET50080443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:53.317809105 CET4435008013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:53.324834108 CET4435007913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:53.328085899 CET4435007913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:53.328133106 CET4435007913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:53.328156948 CET50079443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:53.328191042 CET50079443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:53.328259945 CET50079443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:53.328274965 CET4435007913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:53.328284979 CET50079443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:53.328289986 CET4435007913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:53.331819057 CET50084443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:53.331866026 CET4435008413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:53.331933022 CET50084443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:53.332082033 CET50084443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:53.332098007 CET4435008413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:53.754024029 CET4435008013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:53.757217884 CET4435008013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:53.757301092 CET50080443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:53.757388115 CET50080443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:53.757452965 CET4435008013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:53.757489920 CET50080443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:53.757508039 CET4435008013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:53.760797024 CET50085443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:53.760833979 CET4435008513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:53.760910034 CET50085443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:53.761183977 CET50085443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:53.761194944 CET4435008513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:53.936984062 CET4435008113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:53.949836016 CET50081443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:53.949851990 CET4435008113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:53.950596094 CET50081443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:53.950602055 CET4435008113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:54.226363897 CET4435008213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:54.234572887 CET50082443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:54.234635115 CET4435008213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:54.235737085 CET50082443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:54.235750914 CET4435008213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:54.382045984 CET4435008113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:54.385111094 CET4435008113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:54.385169029 CET4435008113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:54.387223005 CET50081443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:54.432367086 CET4435008313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:54.487457991 CET50083443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:54.515264034 CET50081443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:54.515264034 CET50081443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:54.515290022 CET4435008113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:54.515301943 CET4435008113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:54.516777039 CET50083443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:54.516782999 CET4435008313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:54.517468929 CET50083443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:54.517473936 CET4435008313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:54.552184105 CET50086443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:54.552227020 CET4435008613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:54.552400112 CET50086443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:54.553082943 CET50086443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:54.553105116 CET4435008613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:54.661905050 CET4435008213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:54.665009022 CET4435008213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:54.665654898 CET50082443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:54.665946007 CET50082443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:54.665946960 CET50082443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:54.665993929 CET4435008213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:54.666026115 CET4435008213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:54.670180082 CET50087443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:54.670233965 CET4435008713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:54.670438051 CET50087443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:54.670789003 CET50087443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:54.670802116 CET4435008713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:54.875436068 CET4435008313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:54.878777981 CET4435008313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:54.878828049 CET50083443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:54.878833055 CET4435008313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:54.878945112 CET50083443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:54.879018068 CET50083443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:54.879044056 CET4435008313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:54.879056931 CET50083443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:54.879064083 CET4435008313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:54.882924080 CET50088443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:54.882985115 CET4435008813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:54.883096933 CET50088443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:54.883249044 CET50088443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:54.883271933 CET4435008813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:55.046267986 CET4435008413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:55.046865940 CET50084443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:55.046894073 CET4435008413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:55.047396898 CET50084443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:55.047403097 CET4435008413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:55.480184078 CET4435008413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:55.483782053 CET4435008413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:55.483860970 CET50084443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:55.484009027 CET50084443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:55.484035015 CET4435008413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:55.484045982 CET50084443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:55.484055042 CET4435008413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:55.489343882 CET50089443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:55.489409924 CET4435008913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:55.489505053 CET50089443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:55.489888906 CET50089443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:55.489906073 CET4435008913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:55.541429996 CET4435008513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:55.543339968 CET50085443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:55.543369055 CET4435008513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:55.543853998 CET50085443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:55.543859005 CET4435008513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:55.985927105 CET4435008513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:55.989512920 CET4435008513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:55.993098021 CET50085443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:55.998697042 CET50085443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:55.998716116 CET4435008513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:55.998760939 CET50085443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:55.998768091 CET4435008513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:56.002737999 CET50090443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:56.002789974 CET4435009013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:56.002863884 CET50090443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:56.003084898 CET50090443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:56.003098011 CET4435009013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:56.387243032 CET4435008713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:56.388143063 CET50087443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:56.388155937 CET4435008713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:56.388525009 CET50087443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:56.388530016 CET4435008713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:56.399302006 CET4435008613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:56.399642944 CET50086443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:56.399660110 CET4435008613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:56.400018930 CET50086443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:56.400024891 CET4435008613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:56.664848089 CET4435008813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:56.665498018 CET50088443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:56.665530920 CET4435008813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:56.666210890 CET50088443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:56.666217089 CET4435008813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:56.821347952 CET4435008713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:56.824423075 CET4435008713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:56.824537992 CET50087443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:56.824590921 CET50087443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:56.824590921 CET50087443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:56.824613094 CET4435008713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:56.824623108 CET4435008713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:56.828605890 CET50091443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:56.828664064 CET4435009113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:56.828799009 CET50091443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:56.828939915 CET50091443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:56.828959942 CET4435009113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:56.851783037 CET4435008613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:56.855007887 CET4435008613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:56.855057001 CET4435008613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:56.855081081 CET50086443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:56.855123043 CET50086443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:56.855276108 CET50086443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:56.855294943 CET4435008613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:56.855305910 CET50086443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:56.855318069 CET4435008613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:56.858012915 CET50092443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:56.858036995 CET4435009213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:56.858112097 CET50092443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:56.858407974 CET50092443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:56.858422995 CET4435009213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:57.125725031 CET4435008813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:57.128098011 CET4435008813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:57.128200054 CET50088443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:57.161962986 CET50088443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:57.162008047 CET4435008813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:57.162023067 CET50088443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:57.162034035 CET4435008813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:57.277569056 CET4435008913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:57.331199884 CET50089443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:57.337050915 CET50089443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:57.337063074 CET4435008913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:57.337977886 CET50089443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:57.337982893 CET4435008913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:57.342855930 CET50093443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:57.342884064 CET4435009313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:57.342956066 CET50093443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:57.343465090 CET50093443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:57.343475103 CET4435009313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:57.720818043 CET4435008913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:57.724201918 CET4435008913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:57.724256992 CET4435008913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:57.724296093 CET50089443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:57.724376917 CET50089443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:57.724514961 CET50089443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:57.724548101 CET4435008913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:57.724566936 CET50089443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:57.724575996 CET4435008913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:57.727946997 CET50094443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:57.728029013 CET4435009413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:57.728123903 CET50094443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:57.728379011 CET50094443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:57.728420019 CET4435009413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:57.849459887 CET4435009013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:57.850172997 CET50090443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:57.850214958 CET4435009013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:57.850735903 CET50090443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:57.850753069 CET4435009013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:58.310204029 CET4435009013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:58.313306093 CET4435009013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:58.313410044 CET50090443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:58.313481092 CET50090443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:58.313504934 CET4435009013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:58.313517094 CET50090443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:58.313524961 CET4435009013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:58.316958904 CET50095443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:58.316992998 CET4435009513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:58.317073107 CET50095443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:58.317235947 CET50095443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:58.317245960 CET4435009513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:58.787584066 CET4435009213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:58.787653923 CET4435009113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:58.788136959 CET50092443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:58.788146973 CET4435009213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:58.788249016 CET50091443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:58.788271904 CET4435009113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:58.788641930 CET50092443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:58.788650036 CET4435009213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:58.788765907 CET50091443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:58.788772106 CET4435009113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.222651958 CET4435009213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.225747108 CET4435009213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.225837946 CET50092443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.225899935 CET50092443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.225924015 CET4435009213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.225933075 CET50092443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.225939989 CET4435009213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.229480982 CET50096443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.229526043 CET4435009613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.229605913 CET50096443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.229784012 CET50096443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.229799986 CET4435009613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.234595060 CET4435009113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.237647057 CET4435009113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.237708092 CET50091443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.237721920 CET4435009113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.237788916 CET4435009113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.237834930 CET50091443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.237852097 CET4435009113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.237863064 CET50091443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.237863064 CET50091443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.237870932 CET4435009113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.237878084 CET4435009113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.240488052 CET50097443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.240516901 CET4435009713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.240595102 CET50097443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.240731001 CET50097443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.240746021 CET4435009713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.337740898 CET4435009313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.338274002 CET50093443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.338288069 CET4435009313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.338773012 CET50093443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.338778019 CET4435009313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.523494959 CET4435009413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.524904966 CET50094443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.524915934 CET4435009413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.525811911 CET50094443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.525816917 CET4435009413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.792216063 CET4435009313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.792280912 CET4435009313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.792351007 CET50093443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.792638063 CET50093443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.792649031 CET4435009313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.792661905 CET50093443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.792666912 CET4435009313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.795692921 CET50098443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.795748949 CET4435009813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.795866966 CET50098443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.795989037 CET50098443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.796008110 CET4435009813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.968970060 CET4435009413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.970824003 CET4435009413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.970882893 CET4435009413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.970891953 CET50094443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.970937967 CET50094443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.971067905 CET50094443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.971085072 CET4435009413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.971097946 CET50094443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.971106052 CET4435009413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:00.044384003 CET50099443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:00.044430971 CET4435009913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:00.044549942 CET50099443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:00.048460007 CET50099443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:00.048525095 CET4435009913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:00.381593943 CET4435009513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:00.398685932 CET50095443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:00.398711920 CET4435009513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:00.399470091 CET50095443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:00.399476051 CET4435009513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:00.816863060 CET4435009513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:00.821595907 CET4435009513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:00.821723938 CET50095443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:00.821772099 CET50095443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:00.821772099 CET50095443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:00.821784019 CET4435009513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:00.821793079 CET4435009513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:00.824728012 CET50100443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:00.824749947 CET4435010013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:00.824835062 CET50100443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:00.824969053 CET50100443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:00.824982882 CET4435010013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:00.965099096 CET4435009713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:00.969224930 CET50097443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:00.969244957 CET4435009713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:00.969764948 CET50097443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:00.969774008 CET4435009713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:01.011337996 CET4435009613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:01.013364077 CET50096443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:01.013376951 CET4435009613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:01.013832092 CET50096443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:01.013838053 CET4435009613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:01.399156094 CET4435009713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:01.402513981 CET4435009713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:01.402595997 CET50097443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:01.402631998 CET4435009713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:01.402697086 CET50097443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:01.402755976 CET50097443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:01.402777910 CET4435009713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:01.402789116 CET50097443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:01.402796030 CET4435009713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:01.405724049 CET50101443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:01.405771017 CET4435010113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:01.405865908 CET50101443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:01.405997992 CET50101443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:01.406009912 CET4435010113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:01.460274935 CET4435009613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:01.467915058 CET4435009613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:01.467998981 CET50096443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:01.468024969 CET50096443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:01.468034983 CET4435009613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:01.468045950 CET50096443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:01.468050957 CET4435009613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:01.470650911 CET50102443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:01.470685005 CET4435010213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:01.470757961 CET50102443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:01.470880032 CET50102443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:01.470886946 CET4435010213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:01.524281979 CET4435009813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:01.530193090 CET50098443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:01.530204058 CET4435009813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:01.530723095 CET50098443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:01.530729055 CET4435009813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:01.897902966 CET4435009913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:01.900368929 CET50099443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:01.900393963 CET4435009913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:01.900890112 CET50099443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:01.900899887 CET4435009913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:02.052573919 CET4435009813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:02.055773973 CET4435009813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:02.055870056 CET50098443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:02.055915117 CET50098443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:02.055937052 CET4435009813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:02.055949926 CET50098443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:02.055958033 CET4435009813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:02.058798075 CET50103443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:02.058844090 CET4435010313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:02.058923960 CET50103443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:02.059072971 CET50103443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:02.059086084 CET4435010313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:02.353240967 CET4435009913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:02.356373072 CET4435009913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:02.356436968 CET4435009913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:02.356446981 CET50099443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:02.356491089 CET50099443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:02.361351013 CET50099443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:02.361386061 CET4435009913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:02.361398935 CET50099443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:02.361407042 CET4435009913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:02.366661072 CET50104443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:02.366703033 CET4435010413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:02.366786003 CET50104443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:02.370296955 CET50104443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:02.370316982 CET4435010413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:02.683249950 CET4435010013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:02.683806896 CET50100443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:02.683823109 CET4435010013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:02.684324980 CET50100443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:02.684338093 CET4435010013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:03.135705948 CET4435010013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:03.138951063 CET4435010013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:03.139038086 CET50100443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:03.156769037 CET50100443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:03.156786919 CET4435010013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:03.156802893 CET50100443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:03.156809092 CET4435010013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:03.216183901 CET50105443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:03.216231108 CET4435010513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:03.216309071 CET50105443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:03.264214039 CET4435010113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:03.304044008 CET50105443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:03.304069996 CET4435010513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:03.308460951 CET50101443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:03.308486938 CET4435010113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:03.309344053 CET50101443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:03.309350967 CET4435010113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:03.476207972 CET4435010213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:03.480343103 CET50102443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:03.480353117 CET4435010213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:03.481251955 CET50102443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:03.481257915 CET4435010213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:03.716902971 CET4435010113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:03.720390081 CET4435010113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:03.720515013 CET50101443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:03.720599890 CET50101443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:03.720621109 CET4435010113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:03.720632076 CET50101443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:03.720638990 CET4435010113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:03.724126101 CET50106443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:03.724138021 CET4435010613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:03.724215031 CET50106443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:03.724359035 CET50106443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:03.724369049 CET4435010613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:03.875004053 CET4435010313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:03.875638962 CET50103443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:03.875668049 CET4435010313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:03.876152992 CET50103443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:03.876158953 CET4435010313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:03.931330919 CET4435010213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:03.936217070 CET4435010213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:03.936340094 CET50102443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:03.936378002 CET50102443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:03.936393023 CET4435010213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:03.936448097 CET50102443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:03.936455011 CET4435010213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:03.939268112 CET50107443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:03.939363003 CET4435010713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:03.939451933 CET50107443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:03.939723015 CET50107443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:03.939757109 CET4435010713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:04.203526974 CET4435010413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:04.205523014 CET50104443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:04.205532074 CET4435010413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:04.206231117 CET50104443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:04.206235886 CET4435010413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:04.318996906 CET4435010313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:04.321537971 CET4435010313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:04.321600914 CET4435010313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:04.321726084 CET50103443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:04.322406054 CET50103443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:04.322427988 CET4435010313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:04.322439909 CET50103443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:04.322446108 CET4435010313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:04.325128078 CET50108443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:04.325170040 CET4435010813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:04.325234890 CET50108443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:04.325525999 CET50108443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:04.325536966 CET4435010813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:04.646859884 CET4435010413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:04.650042057 CET4435010413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:04.653073072 CET50104443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:04.653662920 CET50104443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:04.653676033 CET4435010413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:04.653719902 CET50104443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:04.653724909 CET4435010413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:04.656615973 CET50109443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:04.656666040 CET4435010913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:04.656759977 CET50109443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:04.656939030 CET50109443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:04.656960011 CET4435010913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:05.086831093 CET4435010513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:05.087496996 CET50105443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:05.087528944 CET4435010513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:05.088026047 CET50105443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:05.088038921 CET4435010513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:05.529905081 CET4435010513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:05.533437967 CET4435010513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:05.533515930 CET4435010513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:05.533580065 CET50105443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:05.533662081 CET50105443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:05.533869982 CET50105443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:05.533891916 CET4435010513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:05.533904076 CET50105443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:05.533910036 CET4435010513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:05.537797928 CET50110443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:05.537839890 CET4435011013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:05.537929058 CET50110443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:05.538090944 CET50110443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:05.538104057 CET4435011013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:05.572524071 CET4435010613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:05.573059082 CET50106443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:05.573069096 CET4435010613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:05.573647022 CET50106443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:05.573652983 CET4435010613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:05.786227942 CET4435010713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:05.787278891 CET50107443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:05.787308931 CET4435010713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:05.788392067 CET50107443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:05.788398981 CET4435010713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:06.034496069 CET4435010613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:06.037285089 CET4435010613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:06.037358999 CET50106443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:06.037461042 CET50106443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:06.037473917 CET4435010613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:06.037492037 CET50106443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:06.037501097 CET4435010613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:06.040854931 CET50111443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:06.040895939 CET4435011113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:06.040996075 CET50111443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:06.041151047 CET50111443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:06.041167974 CET4435011113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:06.113097906 CET4435010813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:06.115057945 CET50108443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:06.115073919 CET4435010813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:06.115633965 CET50108443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:06.115641117 CET4435010813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:06.240101099 CET4435010713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:06.242099047 CET4435010713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:06.242152929 CET4435010713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:06.242187977 CET50107443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:06.242254972 CET50107443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:06.242341995 CET50107443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:06.242357016 CET4435010713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:06.242371082 CET50107443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:06.242377996 CET4435010713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:06.245989084 CET50112443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:06.246048927 CET4435011213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:06.246138096 CET50112443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:06.246350050 CET50112443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:06.246375084 CET4435011213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:06.434053898 CET4435010913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:06.434648991 CET50109443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:06.434665918 CET4435010913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:06.435338020 CET50109443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:06.435344934 CET4435010913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:06.564623117 CET4435010813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:06.564699888 CET4435010813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:06.564762115 CET50108443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:06.564997911 CET50108443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:06.565013885 CET4435010813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:06.565026045 CET50108443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:06.565032005 CET4435010813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:06.569525003 CET50113443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:06.569551945 CET4435011313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:06.569652081 CET50113443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:06.569776058 CET50113443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:06.569781065 CET4435011313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:07.004371881 CET4435010913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:07.007613897 CET4435010913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:07.009026051 CET50109443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:07.009098053 CET50109443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:07.009115934 CET4435010913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:07.009126902 CET50109443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:07.009133101 CET4435010913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:07.012728930 CET50114443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:07.012763977 CET4435011413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:07.012852907 CET50114443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:07.013015985 CET50114443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:07.013032913 CET4435011413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:07.326611996 CET4435011013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:07.327188969 CET50110443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:07.327204943 CET4435011013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:07.327730894 CET50110443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:07.327734947 CET4435011013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:07.810070992 CET4435011013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:07.815218925 CET4435011013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:07.819056988 CET50110443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:07.819098949 CET50110443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:07.819098949 CET50110443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:07.819123030 CET4435011013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:07.819138050 CET4435011013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:07.820786953 CET4435011113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:07.821472883 CET50111443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:07.821491957 CET4435011113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:07.821970940 CET50111443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:07.821980000 CET4435011113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:07.822067976 CET50115443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:07.822119951 CET4435011513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:07.822216988 CET50115443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:07.822351933 CET50115443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:07.822369099 CET4435011513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:07.966559887 CET4435011213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:07.967505932 CET50112443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:07.967535019 CET4435011213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:07.968060017 CET50112443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:07.968069077 CET4435011213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:08.402836084 CET4435011213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:08.404254913 CET4435011213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:08.404354095 CET50112443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:08.404423952 CET50112443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:08.404448032 CET4435011213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:08.404486895 CET50112443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:08.404495955 CET4435011213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:08.407588005 CET50116443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:08.407641888 CET4435011613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:08.407723904 CET50116443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:08.407907009 CET50116443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:08.407926083 CET4435011613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:08.511837006 CET4435011313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:08.512351036 CET50113443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:08.512362003 CET4435011313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:08.512882948 CET50113443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:08.512891054 CET4435011313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:08.717690945 CET4435011113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:08.720675945 CET4435011113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:08.720736980 CET4435011113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:08.720746994 CET50111443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:08.720801115 CET50111443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:08.721066952 CET50111443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:08.721096039 CET4435011113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:08.721110106 CET50111443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:08.721117973 CET4435011113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:08.724993944 CET50117443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:08.725033045 CET4435011713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:08.725183010 CET50117443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:08.725409985 CET50117443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:08.725424051 CET4435011713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:08.798191071 CET4435011413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:08.798799038 CET50114443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:08.798827887 CET4435011413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:08.799304962 CET50114443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:08.799319983 CET4435011413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:08.954890013 CET4435011313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:08.958250046 CET4435011313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:08.958355904 CET50113443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:08.958446026 CET50113443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:08.958452940 CET4435011313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:08.958463907 CET50113443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:08.958468914 CET4435011313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:08.962256908 CET50118443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:08.962302923 CET4435011813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:08.962383032 CET50118443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:08.962600946 CET50118443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:08.962615967 CET4435011813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:09.244633913 CET4435011413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:09.247814894 CET4435011413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:09.247881889 CET50114443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:09.247915983 CET50114443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:09.247941017 CET4435011413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:09.247953892 CET50114443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:09.247962952 CET4435011413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:09.250873089 CET50119443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:09.250914097 CET4435011913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:09.251173019 CET50119443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:09.251331091 CET50119443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:09.251338959 CET4435011913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:09.605839014 CET4435011513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:09.606451988 CET50115443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:09.606467009 CET4435011513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:09.606973886 CET50115443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:09.606981039 CET4435011513.107.246.63192.168.2.5

                                                                                                                                                                                                                                                                                                          UDP Packets

                                                                                                                                                                                                                                                                                                          TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:07.761055946 CET6183253192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:07.906871080 CET53618321.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:27.080049992 CET53633761.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:27.122581959 CET53553681.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.712625980 CET53649411.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.744271994 CET5374553192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.744447947 CET5917853192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.766659975 CET53595531.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.882091999 CET53591781.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.882122040 CET53537451.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.658355951 CET5118753192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.658662081 CET6124453192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.659302950 CET4994853192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.659471989 CET5852153192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.801168919 CET53511871.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.801798105 CET53499481.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.802082062 CET53612441.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.802103996 CET53585211.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.826647043 CET6384653192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.827121019 CET5913553192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.841386080 CET5364953192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.842097998 CET5667653192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.965522051 CET53591351.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.978380919 CET53536491.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.979295015 CET53566761.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.224010944 CET6287253192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.224447966 CET5625753192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.363243103 CET53562571.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:10.749650002 CET5076753192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:10.749958992 CET5796853192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:10.888403893 CET53579681.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:12.529304981 CET5641253192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:12.529515982 CET5476953192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:12.529951096 CET6199153192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:12.530109882 CET5513053192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:12.532505989 CET6130853192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:12.532788992 CET5034853192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:12.666218042 CET53564121.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:12.666960955 CET53547691.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:12.668334961 CET53551301.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:12.668540001 CET53619911.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:12.669123888 CET53613081.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:12.671683073 CET53503481.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:13.067411900 CET6498453192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:13.189838886 CET5883953192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:13.190382957 CET5475453192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:13.206145048 CET53649841.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:13.794353008 CET5094253192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:13.794754982 CET4975953192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.105010986 CET53497591.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.120538950 CET53509421.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.026907921 CET50682443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.051384926 CET54887443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.333528042 CET50682443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.353266001 CET54887443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.948852062 CET50682443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:15.964899063 CET54887443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.190109015 CET44350682162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.190154076 CET44350682162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.190171957 CET44350682162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.190234900 CET44350682162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.192027092 CET50682443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.193845987 CET50682443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.197124958 CET50682443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.225064993 CET50682443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.226619005 CET44354887172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.226655006 CET44354887172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.226672888 CET44354887172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.226763010 CET44354887172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.227528095 CET54887443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.229692936 CET54887443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.239880085 CET54887443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.263976097 CET50682443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.269854069 CET50682443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.289642096 CET44350682162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.303762913 CET44354887172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.507590055 CET44350682162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.507605076 CET44350682162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.507627010 CET44350682162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.507639885 CET44350682162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.508249044 CET50682443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.508363008 CET50682443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.513118029 CET44350682162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.513432980 CET44350682162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.513617039 CET44350682162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.514224052 CET50682443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.514265060 CET44350682162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.514333010 CET44350682162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.514527082 CET44350682162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.515383005 CET50682443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.543067932 CET44350682162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.543392897 CET44350682162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.543988943 CET44350682162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.544122934 CET44350682162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.544694901 CET44350682162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.544778109 CET44350682162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.547389984 CET50682443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.547640085 CET50682443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.547655106 CET50682443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.551932096 CET50682443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.563281059 CET44354887172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.563409090 CET44354887172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.563422918 CET44354887172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.563436031 CET44354887172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.563739061 CET54887443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.564084053 CET54887443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.564213037 CET50682443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.577595949 CET44354887172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.577914000 CET44350682162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.579194069 CET44350682162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.579307079 CET44354887172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.580352068 CET44354887172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.580365896 CET44354887172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.580382109 CET44354887172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.581356049 CET54887443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.581753016 CET54887443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.585477114 CET44350682162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.586352110 CET44350682162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.586474895 CET44350682162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.586487055 CET44350682162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.586564064 CET50682443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.586656094 CET50682443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.591346025 CET50682443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.610807896 CET50682443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.788058043 CET54887443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.801639080 CET54887443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.821803093 CET44350682162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.847752094 CET50682443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.866039038 CET44350682162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.866544962 CET44350682162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.879199982 CET44350682162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.879673958 CET44350682162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.879923105 CET50682443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.880227089 CET44350682162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.880238056 CET44350682162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.880960941 CET50682443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.884785891 CET50682443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.896157026 CET50682443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.896357059 CET44354887172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.905281067 CET44350682162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.905906916 CET44350682162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.925736904 CET44350682162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.927423000 CET44350682162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.935637951 CET50682443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:16.935724974 CET54887443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.121393919 CET44354887172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.135385036 CET44354887172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.137556076 CET44354887172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.143199921 CET44354887172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.198832989 CET44350682162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.199902058 CET44350682162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.201004028 CET54887443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.210463047 CET44350682162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.218130112 CET44350682162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.384382010 CET50682443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.385281086 CET50682443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.698704004 CET44350682162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:17.742033005 CET50682443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.412172079 CET50682443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.412303925 CET50682443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.728059053 CET44350682162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.728533983 CET44350682162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.729219913 CET44350682162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.729541063 CET50682443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.939516068 CET50682443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:18.939724922 CET50682443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.255790949 CET44350682162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.257572889 CET44350682162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.279098988 CET44350682162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:19.279791117 CET50682443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.652221918 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.692327023 CET62613443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.958055019 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:21.993504047 CET62613443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.567248106 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.600827932 CET62613443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.783092022 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.800285101 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.800426960 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.800503016 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.800614119 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.801678896 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.805180073 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.833893061 CET4436261323.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.835813999 CET4436261323.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.835832119 CET4436261323.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.835849047 CET4436261323.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.835964918 CET4436261323.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.836719036 CET62613443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.854573011 CET62613443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.892416000 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.894103050 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.938205957 CET4436261323.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:22.983700991 CET62613443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.000116110 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.000364065 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.001069069 CET62613443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.001204014 CET62613443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.001837015 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.002015114 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.334101915 CET4436261323.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.334423065 CET4436261323.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.334474087 CET4436261323.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.334489107 CET4436261323.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.334508896 CET4436261323.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.349731922 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.356434107 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.356484890 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.356578112 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.356591940 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.356637001 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.384181023 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.384198904 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.385225058 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.385421038 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.385472059 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.385488987 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.395422935 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.402329922 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.411395073 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.422220945 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.443741083 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.443850040 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.449886084 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.455035925 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.465317965 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.493292093 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.493339062 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.493355036 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.503472090 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.509057999 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.525264978 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.525342941 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.540888071 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.555632114 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.555762053 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.559381962 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.620758057 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.620819092 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.620850086 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.620867968 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.620891094 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.620908976 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.620928049 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.640666008 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.640830994 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.640892982 CET62613443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.641247988 CET62613443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.641577005 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.641724110 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.641940117 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.642123938 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.642431021 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.642510891 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.642647028 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.642647028 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.642719984 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.642916918 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.642945051 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.643075943 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.643129110 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.643260956 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.643325090 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.643372059 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.654340982 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.654558897 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.654613018 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.655061007 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.669950008 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.670032978 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.670101881 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.675363064 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.692128897 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.692153931 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.704539061 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.733200073 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.733535051 CET62613443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.733624935 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.733676910 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.805613041 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:23.935895920 CET4436261323.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.012590885 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.012695074 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.022412062 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.022595882 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.031649113 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.034953117 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.035228968 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.042732000 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.050676107 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.050970078 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.055568933 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.063271046 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.063590050 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.070425034 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.080662966 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.081104994 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.084081888 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.088618040 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.088879108 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.093106985 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.093133926 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.093149900 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.093477964 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.111645937 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.111685991 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.111704111 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.119163990 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.119306087 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.122520924 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.122613907 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.123584986 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.147044897 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.147238016 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.147420883 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.147898912 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.148024082 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.148169041 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.158023119 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.158185959 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.158324957 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.172267914 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.172413111 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.172620058 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.193042040 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.193234921 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.193252087 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.193454027 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.208781004 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.208870888 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.208888054 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.209017038 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.209135056 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.218858004 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.226514101 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.226707935 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.228485107 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.233983994 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.234172106 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.241247892 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.248040915 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.248272896 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.253393888 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.259044886 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.259305000 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.266355038 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.273312092 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.273515940 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.278291941 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.287825108 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.288009882 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.294127941 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.296888113 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.297089100 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.304169893 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.310555935 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.310765028 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.316494942 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.323367119 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.323538065 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.329502106 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.335263014 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.341576099 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.348014116 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.353807926 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.358864069 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.366128922 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.366242886 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.369762897 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.374566078 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.379473925 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.398247004 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.600991964 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.661489010 CET50682443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.661653042 CET50682443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.696021080 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.696928978 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.697560072 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.698209047 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.779370070 CET50682443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.779546022 CET50682443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.984785080 CET44350682162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.985650063 CET44350682162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.986614943 CET44350682162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:24.986890078 CET50682443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.019500017 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.024426937 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.024769068 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.025176048 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.025253057 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.025265932 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.025279045 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.025300026 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.025321007 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.025333881 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.025461912 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.025474072 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.025485992 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.025497913 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.025510073 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.025520086 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.026123047 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.038181067 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.038191080 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.038199902 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.042484045 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.042798042 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.042813063 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.042855978 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.042869091 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.042901993 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.048657894 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.048901081 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.048919916 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.048942089 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.048955917 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.049026966 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.055701971 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.056037903 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.056233883 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.056268930 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.056279898 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.056427956 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.056442022 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.056454897 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.056464911 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.083009005 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.099324942 CET44350682162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.100615025 CET44350682162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.100903988 CET44350682162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.101387024 CET50682443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.167179108 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.182843924 CET62613443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.394733906 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.394845009 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.419579029 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.494709015 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.500407934 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.500967026 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.500988960 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.501003027 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.501096010 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.501107931 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.501121044 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.501133919 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.501147985 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.501231909 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.501244068 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.501254082 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.501413107 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.501626015 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.525772095 CET4436261323.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.526043892 CET62613443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.534991026 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.629380941 CET4436261323.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.629544973 CET4436261323.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.629555941 CET4436261323.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.629566908 CET4436261323.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.629574060 CET4436261323.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.630264044 CET62613443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.630527973 CET62613443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.630698919 CET62613443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.630894899 CET62613443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.880194902 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:25.992803097 CET4436261323.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.965255022 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.967108011 CET50682443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.967385054 CET50682443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.973550081 CET50682443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.973761082 CET50682443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.989850044 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.989945889 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.994237900 CET50682443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:26.994446993 CET50682443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.281651020 CET44350682162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.282747984 CET44350682162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.283096075 CET44350682162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.283333063 CET50682443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.287720919 CET44350682162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.288961887 CET44350682162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.289550066 CET44350682162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.289742947 CET50682443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.308608055 CET44350682162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.309372902 CET44350682162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.309489965 CET44350682162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.309595108 CET50682443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.337987900 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.338006973 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.338018894 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.338469982 CET50682443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.364056110 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.371014118 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.371133089 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.371143103 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.371150970 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.371403933 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.377916098 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.378695011 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.378720999 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.378734112 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.378794909 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.378806114 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.378817081 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.378830910 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.378849030 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.378941059 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.378954887 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.378966093 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.378979921 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.379272938 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.379494905 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.391984940 CET62613443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.410404921 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.425172091 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.425229073 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.425240993 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.425323963 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.425334930 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.425358057 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.425369978 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.425380945 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.425391912 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.425410032 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.425424099 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.425436020 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.425447941 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.425458908 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.425472021 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.425484896 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.425565958 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.425647020 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.425661087 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.425672054 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.426099062 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.426285982 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.455409050 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.455435038 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.455456018 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.455468893 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.455513000 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.455526114 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.455538988 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.455595970 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.455656052 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.455671072 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.455857038 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.482348919 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.482422113 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.482433081 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.482486963 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.482533932 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.482546091 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.482557058 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.482703924 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.482767105 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.482781887 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.483011961 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.539386988 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.539407015 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.539418936 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.539436102 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.539448023 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.539458990 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.539472103 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.539483070 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.539494038 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.539506912 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.539779902 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.562767029 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.562869072 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.562895060 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.562920094 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.562942028 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.562959909 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.562973976 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.563061953 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.563101053 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.563112974 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.563117981 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.589571953 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.589589119 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.589602947 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.589618921 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.589627028 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.589637995 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.589663029 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.589739084 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.589751005 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.589762926 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.592814922 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.621176958 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.621198893 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.621213913 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.621500015 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.649498940 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.702452898 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.726206064 CET4436261323.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.758064985 CET62613443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.799424887 CET4436261323.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.799449921 CET4436261323.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.799547911 CET4436261323.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.799561024 CET4436261323.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.799926996 CET62613443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.800019979 CET62613443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.812369108 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.828689098 CET62613443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.834548950 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:27.918709040 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.136107922 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.141994953 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.142246962 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.142374039 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.142420053 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.142432928 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.142446041 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.142456055 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.142468929 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.142563105 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.142712116 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.142724037 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.142735004 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.142853022 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.142863989 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.142875910 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.142882109 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.142894983 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.143290997 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.160187960 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.160654068 CET4436261323.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.169230938 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.172053099 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.172112942 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.172272921 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.172683954 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.172730923 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.172764063 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.180214882 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.201535940 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.494652033 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.513746023 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.530268908 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.545227051 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.556112051 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.556185007 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.556221008 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.556256056 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.556314945 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.556349993 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.556381941 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.556418896 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.556443930 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.556447029 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.557981014 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.558608055 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.558662891 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.558696985 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.558748960 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.558800936 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.558832884 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.558886051 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.558907986 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.558918953 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.558954000 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.558990002 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.560607910 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.581118107 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.581176996 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.581212044 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.581243038 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.581278086 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.585519075 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.591615915 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.883306980 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.931408882 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.931427002 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.951895952 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.952024937 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.952157974 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.952516079 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.952641964 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.952668905 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.952688932 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.952781916 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.952800035 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.952816010 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.952830076 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.952846050 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.952948093 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.952964067 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.952980042 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.952995062 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.953010082 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.953028917 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.953030109 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.953046083 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.974400043 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.974431038 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.974447012 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.974473000 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.974488020 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.974512100 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.974526882 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.974543095 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.974559069 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.974575996 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.974812984 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.974946022 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.994124889 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.994138956 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:28.994152069 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.008008957 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.014314890 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.077239037 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.302249908 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.326380014 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.338702917 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.344789028 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.344945908 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.345009089 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.345025063 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.345072031 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.345084906 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.393143892 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.400603056 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.405910015 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.406976938 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.407036066 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.407052040 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.407078028 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.407092094 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.407108068 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.407123089 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.407215118 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.407238960 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.407254934 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.407272100 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.427881002 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.483498096 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.483624935 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.495961905 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.602551937 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.691687107 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.692122936 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.693859100 CET62613443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.749579906 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.751038074 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.851187944 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:29.924875021 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.007894993 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.016089916 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.022517920 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.022650003 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.022707939 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.022720098 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.022772074 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.022783041 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.022938013 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.022974014 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.022988081 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.023008108 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.023019075 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.023036957 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.023047924 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.023108006 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.023121119 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.023212910 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.023224115 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.023235083 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.023303032 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.023305893 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.023324966 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.023336887 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.027952909 CET4436261323.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.043831110 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.043859005 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.043870926 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.043941975 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.043960094 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.043972015 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.043977976 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.043988943 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.043994904 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.044007063 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.044209003 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.049099922 CET4436261323.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.049119949 CET4436261323.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.049199104 CET4436261323.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.049210072 CET4436261323.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.049510002 CET62613443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.049586058 CET62613443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.065655947 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.065697908 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.065711975 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.065794945 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.065805912 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.065819025 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.065838099 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.065850973 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.065867901 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.065881014 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.065928936 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.075033903 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.075467110 CET62613443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.090795040 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.090872049 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.091094017 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.095760107 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.260170937 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.283710957 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.283925056 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.283987045 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.284003019 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.284024000 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.284039974 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.284073114 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.284111023 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.284218073 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.284231901 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.284312010 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.284574986 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.284691095 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.309031963 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.326466084 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.333142996 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.339390039 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.339440107 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.339525938 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.339540958 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.339569092 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.339584112 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.339601040 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.339704037 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.339740992 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.339756966 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.339771986 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.339788914 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.339903116 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.360085964 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.374597073 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.416052103 CET4436261323.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.423576117 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.430527925 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.438060999 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.438421011 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.438462973 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.438509941 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.438522100 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.438555956 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.446259022 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.632332087 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.652247906 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.661077023 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.661123991 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.661236048 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.661246061 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.661254883 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.661526918 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.672708035 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.691930056 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.705904007 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.711260080 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.711747885 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.711910963 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.712006092 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.712018967 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.712060928 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.712146997 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.712158918 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.712171078 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.712266922 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.712290049 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.712301970 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.715675116 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.733534098 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.733583927 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.733598948 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.733697891 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.733777046 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.733789921 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.733799934 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.733813047 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.733824015 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.733835936 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.734040022 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.755801916 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.755847931 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.770438910 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.777472973 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.777550936 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.777637005 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.777650118 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.777664900 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.777673960 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.778036118 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.790761948 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.806104898 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:30.996157885 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.003626108 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.003932953 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.003998995 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.004017115 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.004029036 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.004040956 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.004054070 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.004134893 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.004148006 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.004158974 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.004173040 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.004846096 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.005095959 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.025578022 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.025654078 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.025665998 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.025677919 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.025696039 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.025707960 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.025718927 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.025731087 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.025743961 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.051080942 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.051574945 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.059593916 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.114218950 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.122369051 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.122627974 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.122648001 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.122661114 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.122792959 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.122805119 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.122807026 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.122817039 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.122827053 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.130624056 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.133459091 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.135066032 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.135571957 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.135662079 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.135674953 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.135687113 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.135699034 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.135710001 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.135721922 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.135735035 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.135746002 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.135759115 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.135770082 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.136220932 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.159461021 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.159488916 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.159502029 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.159555912 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.159568071 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.159579992 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.159593105 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.159605026 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.159677029 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.159689903 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.160007954 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.185050964 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.185077906 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.185090065 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.185148954 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.185159922 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.185179949 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.185201883 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.185251951 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.185264111 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.185277939 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.185584068 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.202050924 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.202064037 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.202078104 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.202179909 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.202191114 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.202203035 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.202214956 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.202227116 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.202238083 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.202269077 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.202425957 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.223634005 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.223706961 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.223860979 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.223872900 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.223885059 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.223985910 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.224036932 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.224049091 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.224061012 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.253336906 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.354171038 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.376494884 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.380918980 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.381187916 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.381218910 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.381314039 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.381328106 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.381373882 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.381541967 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.381555080 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.381570101 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.381633997 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.381647110 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.381665945 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.381958008 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.403692961 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.403707027 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.403718948 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.403769016 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.408741951 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.418946981 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.457103968 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.465617895 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.465750933 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.465799093 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.465820074 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.465852976 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.465867996 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.465874910 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.465883970 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.465964079 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.465976954 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.465990067 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.466133118 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.466336966 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.486895084 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.486958027 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.486970901 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.487070084 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.487082958 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.487095118 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.491529942 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.735917091 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.747611046 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.747890949 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.747993946 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.748054981 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.748068094 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.748140097 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.748152971 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.748887062 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.749047041 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.749058962 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.749186039 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.749205112 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.749214888 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.749711037 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.784573078 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.786715031 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.786820889 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.786835909 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.786853075 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.786878109 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.786889076 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.786938906 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.802440882 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.808547020 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.809348106 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.917731047 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.919399023 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.919487953 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.919751883 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.919835091 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:31.955904007 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.038866997 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.038888931 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.038911104 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.109087944 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.146660089 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.146694899 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.146722078 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.146733999 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.146748066 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.146761894 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.146775007 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.146789074 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.146800995 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.146811962 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.146822929 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.146836042 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.146846056 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.146858931 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.146873951 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.146888971 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.146903992 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.146945000 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.146962881 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.146992922 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.147006989 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.147186995 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.147407055 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.147567034 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.169351101 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.169820070 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.171674013 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.171691895 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.171709061 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.171773911 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.172187090 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.172225952 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.172240973 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.172379971 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.172393084 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.172406912 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.175463915 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.175502062 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.175652981 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.175707102 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.175808907 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.175827980 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.175843954 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.175945044 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.175997972 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.176012993 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.176330090 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.176805019 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.176968098 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.188251019 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.191102028 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.216136932 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.287998915 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.433706999 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.439620018 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.439905882 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.439935923 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.439954996 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.440057993 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.440068007 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.440084934 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.440102100 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.495522976 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.495537996 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.501838923 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.501857042 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.501970053 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.501981020 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.506985903 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.507551908 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.507615089 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.507632017 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.507658958 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.507673979 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.507688999 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.507705927 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.507791042 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.507805109 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.507821083 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.511749983 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.523653984 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.523695946 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.523720026 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.523734093 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.523749113 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.523765087 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.523780107 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.523863077 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.523878098 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.523894072 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.539616108 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.539632082 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.539648056 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.539729118 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.539742947 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.539758921 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.539776087 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.545003891 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.556107998 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.556135893 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.556288958 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.556302071 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.607125044 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.607419014 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.607597113 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.607764959 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.607850075 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.610598087 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.610888958 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.760251999 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.932485104 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.932745934 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.932813883 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.932876110 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.937830925 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:32.974503040 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.024734974 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.263156891 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.263192892 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.263216019 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.263226032 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.263237000 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.270037889 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.270106077 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.270123005 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.270328999 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.276114941 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.276308060 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.276331902 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.276343107 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.276345968 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.276354074 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.281117916 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.281389952 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.281469107 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.281481028 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.281491041 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.283060074 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.286686897 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.286745071 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.286843061 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.286853075 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.286923885 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.292043924 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.292104959 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.292201996 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.292212963 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.292224884 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.292234898 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.292587996 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.323216915 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.326793909 CET62613443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.354594946 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.359955072 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.360282898 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.360377073 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.360455990 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.360477924 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.360491991 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.360630989 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.360642910 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.360654116 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.360707998 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.360718966 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.360727072 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.360955954 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.371884108 CET62613443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.432470083 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.621140957 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.659483910 CET4436261323.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.666387081 CET4436261323.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.666404009 CET4436261323.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.666533947 CET4436261323.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.666670084 CET62613443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.666816950 CET62613443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.705241919 CET4436261323.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.708770037 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.737065077 CET62613443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.761246920 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.767715931 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.767749071 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.767796993 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.767817974 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.767832041 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.767965078 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.767978907 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.767977953 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.767990112 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.768001080 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.768012047 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.768022060 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.768033981 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.768059015 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.768069983 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.768080950 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.768090010 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.768470049 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.788937092 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.842528105 CET4436261323.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.842556000 CET4436261323.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.842637062 CET4436261323.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.842655897 CET4436261323.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.842672110 CET4436261323.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.842911959 CET62613443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.842982054 CET62613443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.843044996 CET62613443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.861032009 CET62613443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:33.861337900 CET62613443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.034957886 CET4436261323.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.112399101 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.118163109 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.118537903 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.118844986 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.119132996 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.119189024 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.119199991 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.119210005 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.119349957 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.119363070 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.119374990 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.119461060 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.119472980 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.119484901 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.119497061 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.119540930 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.119550943 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.119600058 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.119611025 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.119622946 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.119700909 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.119899988 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.148677111 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.148799896 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.148811102 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.148822069 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.148833036 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.148849964 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.148860931 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.148873091 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.148884058 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.148894072 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.149065971 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.152053118 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.152189970 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.152208090 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.152209044 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.152219057 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.152229071 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.152240038 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.152251005 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.152261972 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.152271032 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.152282953 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.166415930 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.166471004 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.166482925 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.166521072 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.166532040 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.166543007 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.166554928 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.166590929 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.166671991 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.166682959 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.166695118 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.182615995 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.182697058 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.182708979 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.182775021 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.182785988 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.182796955 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.182811022 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.182826042 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.182837963 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.182848930 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.182890892 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.196337938 CET4436261323.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.196360111 CET4436261323.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.196677923 CET62613443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.199060917 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.199146032 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.199254990 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.199266911 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.199276924 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.199289083 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.199286938 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.199301004 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.199318886 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.199377060 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.199388027 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.211672068 CET4436261323.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.211791992 CET4436261323.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.211802006 CET4436261323.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.212007046 CET62613443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.212091923 CET62613443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.214585066 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.214683056 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.214694977 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.214705944 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.214716911 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.214726925 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.214740038 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.214823008 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.214881897 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.214895010 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.216598988 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.217062950 CET4436261323.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.217118979 CET4436261323.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.217169046 CET4436261323.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.217535019 CET62613443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.217593908 CET62613443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.230431080 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.230622053 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.230633020 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.230645895 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.230658054 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.230669022 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.230679989 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.230690002 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.230700016 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.230711937 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.233913898 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.245944977 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.246009111 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.246093035 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.246104002 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.246149063 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.246222973 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.246233940 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.246243954 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.246262074 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.246309042 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.246323109 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.267966986 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.267988920 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.268001080 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.268059015 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.268070936 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.268081903 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.268093109 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.268111944 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.268188953 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.268219948 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.268277884 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.279455900 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.279498100 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.279509068 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.279529095 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.279539108 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.279551029 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.279572964 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.279659033 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.279685974 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.279696941 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.279710054 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.294914007 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.294975996 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.294986963 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.295082092 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.295100927 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.295111895 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.295121908 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.295128107 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.295140028 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.295151949 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.295162916 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.310095072 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.310141087 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.310153961 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.310167074 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.310216904 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.310229063 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.310240030 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.310254097 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.310281992 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.310312986 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.310324907 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.326270103 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.326316118 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.326328993 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.326340914 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.326428890 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.326574087 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.326586962 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.326598883 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.362509966 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.467159986 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.523914099 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.557482004 CET4436261323.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.847364902 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.852608919 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.852657080 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.852917910 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.852927923 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.852925062 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.852936029 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:34.869509935 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.193003893 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.198987961 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.199109077 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.199235916 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.199246883 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.199341059 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.199352026 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.199359894 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.408677101 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.493897915 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.575716019 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.700917006 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.722706079 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.756825924 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.899996042 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.900296926 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.905250072 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.905421972 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.905543089 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.905690908 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.905750036 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.905764103 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.905808926 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.905819893 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.905833006 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.905839920 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.905885935 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.905898094 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.906183958 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.919289112 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.919358969 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.919394016 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.919405937 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.919418097 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.919425011 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.919563055 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.919585943 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.919598103 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.919610023 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.919934034 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.932230949 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.933032990 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.933435917 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.933448076 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.933558941 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.933571100 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.933582067 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.933593988 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.933607101 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.933618069 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.934024096 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.945619106 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.945715904 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.945727110 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.945877075 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.945888042 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.945899963 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.946034908 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.946048021 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.946058989 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.946072102 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.946630001 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.959988117 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.960021973 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.960033894 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.960093021 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.960104942 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.960115910 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.960127115 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.960172892 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.960186005 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.960196018 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.960469961 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.972280979 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.972309113 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.972323895 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.972335100 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.972347021 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.972357988 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.972372055 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.972414970 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:35.972428083 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.003221035 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.011123896 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.256829023 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.334465981 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.339605093 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.339904070 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.339927912 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.339940071 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.339979887 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.339988947 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.340049982 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.340063095 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.340157986 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.340168953 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.340179920 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.355751038 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.679292917 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.685220957 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.685650110 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.685662985 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.685677052 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.685697079 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.685707092 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.685718060 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.685729980 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.685862064 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.685873032 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.685883999 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.685894966 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.686006069 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.686238050 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:36.701040030 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.025080919 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.031346083 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.032052040 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.032113075 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.032263994 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.032306910 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.032318115 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.032370090 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.032381058 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.032393932 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.032404900 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.032454967 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.032465935 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.032488108 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.032500982 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.032514095 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.032525063 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.032536030 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.032546997 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.032558918 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.032586098 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.032613993 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.044836044 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.044874907 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.044888020 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.044900894 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.044940948 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.044955015 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.044969082 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.044981003 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.045046091 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.045059919 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.045305967 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.058152914 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.058273077 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.058284044 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.058296919 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.058331966 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.058342934 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.058353901 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.058365107 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.058440924 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.058453083 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.058711052 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.072117090 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.072140932 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.072154045 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.072227955 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.072237968 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.072247982 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.072259903 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.072273016 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.072324038 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.072339058 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.072559118 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.085040092 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.085064888 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.085077047 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.085127115 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.085136890 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.085154057 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.085166931 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.085237026 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.085248947 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.085259914 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.085498095 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.098392963 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.098494053 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.098504066 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.098511934 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.098524094 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.098535061 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.098548889 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.098612070 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.098623991 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.098635912 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.098870039 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.111272097 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.111284971 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.111296892 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.111334085 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.111346960 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.111358881 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.111370087 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.111464024 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.111475945 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.111486912 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.111834049 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.126313925 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.126380920 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.126394987 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.126494884 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.126506090 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.126516104 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.126527071 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.126538992 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.126607895 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.126621962 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.126919031 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.138305902 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.138322115 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.138751984 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.221405029 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.382931948 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.586800098 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.587380886 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.587416887 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.587487936 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.587512016 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.587527037 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.587603092 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.587620020 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.587733984 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.587749958 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.587785959 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.587826967 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.587847948 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.587861061 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.587977886 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.588005066 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.588082075 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.588165998 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.588181019 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.588193893 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.588197947 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.623608112 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.635740995 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.937184095 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.959358931 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.965997934 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.966269016 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.966294050 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.966305017 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.966428041 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.966439962 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.966451883 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:37.966705084 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.016715050 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.017219067 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.314040899 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.344394922 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.352786064 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.352870941 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.352907896 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.352929115 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.352940083 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.353041887 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.358227968 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.388632059 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.555026054 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.706310034 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.878436089 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.883160114 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.883399963 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.883652925 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.883733034 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.884305954 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.884380102 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.884394884 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.884424925 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.884435892 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.884449005 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.884533882 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.884552002 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.884562969 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.884574890 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.884629011 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.884640932 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.884650946 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.884871960 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:38.910121918 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:39.234257936 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:47.865142107 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:48.189132929 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:48.194740057 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:48.194758892 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:48.194772005 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:48.215738058 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:48.253233910 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:48.269911051 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:48.571372986 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:48.608048916 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:48.650518894 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:48.660018921 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:48.660039902 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:48.660049915 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:48.789833069 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:48.819545031 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:48.834336996 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:49.148216963 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:49.162586927 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:49.166898966 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:49.166934967 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:49.166970015 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:49.167344093 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:49.177544117 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:49.502124071 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:49.514482021 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:49.514508009 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:49.514524937 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:49.514962912 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:49.524243116 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:49.847780943 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:49.852868080 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:49.852884054 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:49.852948904 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:49.853224039 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:49.861284971 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:50.184686899 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:50.191011906 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:50.191037893 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:50.191091061 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:50.191462994 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:50.210180998 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:50.533577919 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:50.540898085 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:50.541039944 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:50.541157961 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:50.541261911 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:50.549144030 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:50.876890898 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:50.883833885 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:50.883850098 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:50.883881092 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:50.884310961 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:50.894306898 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:51.217921972 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:51.224880934 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:51.224937916 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:51.224992990 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:51.225276947 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:51.235608101 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:51.560862064 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:51.568942070 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:51.568979979 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:51.569076061 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:51.569222927 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:51.631750107 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:51.633609056 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:51.955157042 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:52.012769938 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:52.018646955 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:52.018841028 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:52.018939972 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:52.019357920 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:52.026130915 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:52.363395929 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:52.369899988 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:52.369942904 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:52.370155096 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:52.370433092 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:52.381633997 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:52.705549002 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:52.714879036 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:52.714926958 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:52.715008974 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:52.715284109 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:52.724773884 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:53.049592972 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:53.058412075 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:53.058470011 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:53.058655977 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:53.061590910 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:53.081553936 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:53.425738096 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:53.453979969 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:53.454041958 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:53.454051971 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:53.454348087 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:53.462764978 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:53.794284105 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:53.831454992 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:53.855950117 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:53.855993986 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:53.856015921 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:53.856297970 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:53.885196924 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:53.885454893 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:54.204415083 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:54.215739012 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:54.229242086 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:54.229279041 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:54.229306936 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:54.236099005 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:54.336039066 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:54.514849901 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:54.597424030 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:54.839202881 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:54.844213963 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:54.844247103 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:54.844280005 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:54.844662905 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:54.855654001 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:55.179651022 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:55.185939074 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:55.185957909 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:55.186028957 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:55.186321974 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:55.196104050 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:55.525454998 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:55.533037901 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:55.533061981 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:55.533118010 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:55.533389091 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:55.542979002 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:55.866384983 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:55.873796940 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:55.873809099 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:55.873893976 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:55.874223948 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:55.882302999 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:56.227823973 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:56.241463900 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:56.241487980 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:56.241569042 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:56.242048979 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:56.249489069 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:56.585131884 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:56.601068020 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:56.601104975 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:56.601135015 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:56.601408005 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:56.608906031 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:56.948934078 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:56.981096983 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:57.016221046 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:57.016282082 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:57.016346931 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:57.099576950 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:57.145817041 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:57.335867882 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:57.497078896 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:57.660859108 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:57.664303064 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:57.664314032 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:57.664414883 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:57.664757967 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:57.674581051 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:58.000286102 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:58.006093025 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:58.006139994 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:58.006203890 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:58.006472111 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:58.013786077 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:58.339149952 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:58.362806082 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:58.362859964 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:58.362960100 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:58.363303900 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:58.372042894 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:58.788619041 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:58.789485931 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:58.789499044 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:58.789508104 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:58.789833069 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:58.797766924 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.123414993 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.138814926 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.138827085 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.138941050 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.139106989 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.145756960 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.468960047 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.474596977 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.474658012 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.474756002 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.474992990 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.482919931 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.819288015 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.831757069 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.831779003 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.831875086 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.853451967 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:59.877490997 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:00.205951929 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:00.213231087 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:00.213243961 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:00.213310957 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:00.281578064 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:00.306848049 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:00.307698011 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:00.633318901 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:00.633357048 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:00.641524076 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:00.641541958 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:00.641676903 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:00.641923904 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:00.650429964 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:00.975691080 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:00.981997013 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:00.982008934 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:00.982091904 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:00.982332945 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:00.988466978 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:01.311888933 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:01.318897963 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:01.318912029 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:01.318933964 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:01.319212914 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:01.325570107 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:01.652986050 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:01.659919024 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:01.659950972 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:01.660015106 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:01.660213947 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:01.666383982 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:02.061687946 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:02.068202019 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:02.068212986 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:02.068317890 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:02.068530083 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:02.075150013 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:02.399208069 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:02.406312943 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:02.406326056 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:02.406335115 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:02.406348944 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:02.410881042 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:02.422030926 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:02.763776064 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:02.782639980 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:02.782653093 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:02.782747984 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:02.798023939 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:02.809571981 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:03.136914968 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:03.143266916 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:03.143306017 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:03.143363953 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:03.155487061 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:03.212248087 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:03.447559118 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:03.545078039 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:03.778842926 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:03.784615993 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:03.784749985 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:03.784943104 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:03.784943104 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:03.795141935 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:04.119191885 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:04.127717972 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:04.127734900 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:04.128009081 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:04.128129005 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:04.144597054 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:04.468230963 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:04.476763964 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:04.476775885 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:04.476820946 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:04.477217913 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:04.487318993 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:04.811919928 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:04.819535017 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:04.819551945 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:04.819657087 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:04.819941998 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:04.827182055 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:05.150859118 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:05.159070015 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:05.159085035 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:05.159097910 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:05.159641981 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:05.167047977 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:05.490530968 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:05.496902943 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:05.497041941 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:05.497052908 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:05.497291088 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:05.509372950 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:05.857299089 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:05.870750904 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:05.870764017 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:05.870852947 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:05.871263027 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:05.891040087 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:06.219372988 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:06.227089882 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:06.227121115 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:06.227153063 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:06.227646112 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:06.235362053 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:06.568908930 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:06.575556993 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:06.575571060 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:06.575697899 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:06.575958014 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:06.610138893 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:06.610503912 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:07.076225042 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:07.091561079 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:07.091573954 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:07.091658115 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:07.091882944 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:07.097820044 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:07.424966097 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:07.435796022 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:07.435807943 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:07.435817003 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:07.436175108 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:07.450382948 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:07.774061918 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:07.781465054 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:07.781553984 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:07.781727076 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:07.782164097 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:07.787446022 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:08.111905098 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:08.130798101 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:08.130820036 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:08.130835056 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:08.131252050 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:08.136449099 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:08.465208054 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:08.487533092 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:08.487546921 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:08.487633944 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:08.488286018 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:08.496325970 CET53134443192.168.2.523.209.72.33
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:08.820440054 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:08.850862980 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:08.850897074 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:08.850959063 CET4435313423.209.72.33192.168.2.5
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:15:09.357239008 CET4435313423.209.72.33192.168.2.5

                                                                                                                                                                                                                                                                                                          ICMP Packets

                                                                                                                                                                                                                                                                                                          TimestampSource IPDest IPChecksumCodeType
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:46.315152884 CET192.168.2.51.1.1.1c2b8(Port unreachable)Destination Unreachable

                                                                                                                                                                                                                                                                                                          DNS Queries

                                                                                                                                                                                                                                                                                                          TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:07.761055946 CET192.168.2.51.1.1.10xce4aStandard query (0)api.myip.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.744271994 CET192.168.2.51.1.1.10x22f1Standard query (0)www.google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.744447947 CET192.168.2.51.1.1.10x8445Standard query (0)www.google.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.658355951 CET192.168.2.51.1.1.10x1f02Standard query (0)chrome.cloudflare-dns.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.658662081 CET192.168.2.51.1.1.10x57e4Standard query (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.659302950 CET192.168.2.51.1.1.10x267bStandard query (0)chrome.cloudflare-dns.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.659471989 CET192.168.2.51.1.1.10x4886Standard query (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.826647043 CET192.168.2.51.1.1.10xe11aStandard query (0)ntp.msn.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.827121019 CET192.168.2.51.1.1.10xb6beStandard query (0)ntp.msn.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.841386080 CET192.168.2.51.1.1.10x9309Standard query (0)chrome.cloudflare-dns.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.842097998 CET192.168.2.51.1.1.10x1b79Standard query (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.224010944 CET192.168.2.51.1.1.10x44dStandard query (0)ntp.msn.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.224447966 CET192.168.2.51.1.1.10xcb85Standard query (0)ntp.msn.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:10.749650002 CET192.168.2.51.1.1.10x5421Standard query (0)ntp.msn.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:10.749958992 CET192.168.2.51.1.1.10x43c7Standard query (0)ntp.msn.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:12.529304981 CET192.168.2.51.1.1.10xdc95Standard query (0)chrome.cloudflare-dns.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:12.529515982 CET192.168.2.51.1.1.10xe871Standard query (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:12.529951096 CET192.168.2.51.1.1.10x8cb1Standard query (0)chrome.cloudflare-dns.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:12.530109882 CET192.168.2.51.1.1.10x5b0bStandard query (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:12.532505989 CET192.168.2.51.1.1.10xca3eStandard query (0)chrome.cloudflare-dns.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:12.532788992 CET192.168.2.51.1.1.10xb9f7Standard query (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:13.067411900 CET192.168.2.51.1.1.10xfd08Standard query (0)api.telegram.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:13.189838886 CET192.168.2.51.1.1.10x66daStandard query (0)bzib.nelreports.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:13.190382957 CET192.168.2.51.1.1.10x1d5bStandard query (0)bzib.nelreports.net65IN (0x0001)false
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:13.794353008 CET192.168.2.51.1.1.10xab11Standard query (0)clients2.googleusercontent.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:13.794754982 CET192.168.2.51.1.1.10x740Standard query (0)clients2.googleusercontent.com65IN (0x0001)false

                                                                                                                                                                                                                                                                                                          DNS Answers

                                                                                                                                                                                                                                                                                                          TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:07.906871080 CET1.1.1.1192.168.2.50xce4aNo error (0)api.myip.com104.26.9.59A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:07.906871080 CET1.1.1.1192.168.2.50xce4aNo error (0)api.myip.com172.67.75.163A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:07.906871080 CET1.1.1.1192.168.2.50xce4aNo error (0)api.myip.com104.26.8.59A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.882091999 CET1.1.1.1192.168.2.50x8445No error (0)www.google.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:35.882122040 CET1.1.1.1192.168.2.50x22f1No error (0)www.google.com142.250.181.100A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.801168919 CET1.1.1.1192.168.2.50x1f02No error (0)chrome.cloudflare-dns.com172.64.41.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.801168919 CET1.1.1.1192.168.2.50x1f02No error (0)chrome.cloudflare-dns.com162.159.61.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.801798105 CET1.1.1.1192.168.2.50x267bNo error (0)chrome.cloudflare-dns.com162.159.61.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.801798105 CET1.1.1.1192.168.2.50x267bNo error (0)chrome.cloudflare-dns.com172.64.41.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.802082062 CET1.1.1.1192.168.2.50x57e4No error (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.802103996 CET1.1.1.1192.168.2.50x4886No error (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.964750051 CET1.1.1.1192.168.2.50xe11aNo error (0)ntp.msn.comwww-msn-com.a-0003.a-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.965522051 CET1.1.1.1192.168.2.50xb6beNo error (0)ntp.msn.comwww-msn-com.a-0003.a-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.977924109 CET1.1.1.1192.168.2.50x666fNo error (0)svc.ha-teams.office.commira-tmc.tm-4.office.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.978380919 CET1.1.1.1192.168.2.50x9309No error (0)chrome.cloudflare-dns.com162.159.61.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.978380919 CET1.1.1.1192.168.2.50x9309No error (0)chrome.cloudflare-dns.com172.64.41.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:45.979295015 CET1.1.1.1192.168.2.50x1b79No error (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:46.222711086 CET1.1.1.1192.168.2.50x1ba5No error (0)bingadsedgeextension-prod-europe.azurewebsites.netssl.bingadsedgeextension-prod-europe.azurewebsites.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:46.222711086 CET1.1.1.1192.168.2.50x1ba5No error (0)ssl.bingadsedgeextension-prod-europe.azurewebsites.net94.245.104.56A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:13:46.315061092 CET1.1.1.1192.168.2.50xa8d4No error (0)bingadsedgeextension-prod-europe.azurewebsites.netssl.bingadsedgeextension-prod-europe.azurewebsites.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.195693970 CET1.1.1.1192.168.2.50x1a63No error (0)svc.ha-teams.office.commira-tmc.tm-4.office.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.362037897 CET1.1.1.1192.168.2.50x44dNo error (0)ntp.msn.comwww-msn-com.a-0003.a-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:04.363243103 CET1.1.1.1192.168.2.50xcb85No error (0)ntp.msn.comwww-msn-com.a-0003.a-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:10.867182016 CET1.1.1.1192.168.2.50x8727No error (0)svc.ha-teams.office.commira-tmc.tm-4.office.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:10.888403893 CET1.1.1.1192.168.2.50x43c7No error (0)ntp.msn.comwww-msn-com.a-0003.a-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:10.899043083 CET1.1.1.1192.168.2.50x5421No error (0)ntp.msn.comwww-msn-com.a-0003.a-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:12.666218042 CET1.1.1.1192.168.2.50xdc95No error (0)chrome.cloudflare-dns.com172.64.41.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:12.666218042 CET1.1.1.1192.168.2.50xdc95No error (0)chrome.cloudflare-dns.com162.159.61.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:12.666960955 CET1.1.1.1192.168.2.50xe871No error (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:12.668334961 CET1.1.1.1192.168.2.50x5b0bNo error (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:12.668540001 CET1.1.1.1192.168.2.50x8cb1No error (0)chrome.cloudflare-dns.com162.159.61.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:12.668540001 CET1.1.1.1192.168.2.50x8cb1No error (0)chrome.cloudflare-dns.com172.64.41.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:12.669123888 CET1.1.1.1192.168.2.50xca3eNo error (0)chrome.cloudflare-dns.com162.159.61.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:12.669123888 CET1.1.1.1192.168.2.50xca3eNo error (0)chrome.cloudflare-dns.com172.64.41.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:12.671683073 CET1.1.1.1192.168.2.50xb9f7No error (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:13.206145048 CET1.1.1.1192.168.2.50xfd08No error (0)api.telegram.org149.154.167.220A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:13.329453945 CET1.1.1.1192.168.2.50x1d5bNo error (0)bzib.nelreports.netbzib.nelreports.net.akamaized.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:13.340081930 CET1.1.1.1192.168.2.50x66daNo error (0)bzib.nelreports.netbzib.nelreports.net.akamaized.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.105010986 CET1.1.1.1192.168.2.50x740No error (0)clients2.googleusercontent.comgooglehosted.l.googleusercontent.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.120538950 CET1.1.1.1192.168.2.50xab11No error (0)clients2.googleusercontent.comgooglehosted.l.googleusercontent.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                          Nov 22, 2024 13:14:14.120538950 CET1.1.1.1192.168.2.50xab11No error (0)googlehosted.l.googleusercontent.com172.217.19.225A (IP address)IN (0x0001)false

                                                                                                                                                                                                                                                                                                          HTTP Request Dependency Graph

                                                                                                                                                                                                                                                                                                          • slscr.update.microsoft.com
                                                                                                                                                                                                                                                                                                          • otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          • fs.microsoft.com
                                                                                                                                                                                                                                                                                                          • chrome.cloudflare-dns.com
                                                                                                                                                                                                                                                                                                          • login.live.com
                                                                                                                                                                                                                                                                                                          • https:
                                                                                                                                                                                                                                                                                                            • assets.msn.com
                                                                                                                                                                                                                                                                                                            • c.msn.com
                                                                                                                                                                                                                                                                                                            • sb.scorecardresearch.com
                                                                                                                                                                                                                                                                                                            • c.bing.com
                                                                                                                                                                                                                                                                                                            • img-s-msn-com.akamaized.net
                                                                                                                                                                                                                                                                                                            • browser.events.data.msn.com
                                                                                                                                                                                                                                                                                                            • arc.msn.com
                                                                                                                                                                                                                                                                                                          • clients2.googleusercontent.com
                                                                                                                                                                                                                                                                                                          • data-edge.smartscreen.microsoft.com
                                                                                                                                                                                                                                                                                                          • edgeassetservice.azureedge.net
                                                                                                                                                                                                                                                                                                          • msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.com

                                                                                                                                                                                                                                                                                                          HTTPS Proxied Packets

                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                          0192.168.2.54970620.12.23.50443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:19 UTC306OUTGET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=5SDM6BUbS8a9zeP&MD=psOvlA2P HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                                          User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33
                                                                                                                                                                                                                                                                                                          Host: slscr.update.microsoft.com
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:20 UTC560INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                                                          Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                                                          Expires: -1
                                                                                                                                                                                                                                                                                                          Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT
                                                                                                                                                                                                                                                                                                          ETag: "XAopazV00XDWnJCwkmEWRv6JkbjRA9QSSZ2+e/3MzEk=_2880"
                                                                                                                                                                                                                                                                                                          MS-CorrelationId: e02ca753-0d36-410a-856c-181514680dc6
                                                                                                                                                                                                                                                                                                          MS-RequestId: d7d4b10e-cdad-469f-af33-cfde117a7680
                                                                                                                                                                                                                                                                                                          MS-CV: ZtPr/jq8r0KjL1F9.0
                                                                                                                                                                                                                                                                                                          X-Microsoft-SLSClientCache: 2880
                                                                                                                                                                                                                                                                                                          Content-Disposition: attachment; filename=environment.cab
                                                                                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:20 GMT
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Content-Length: 24490
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:20 UTC15824INData Raw: 4d 53 43 46 00 00 00 00 92 1e 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 23 d0 00 00 14 00 00 00 00 00 10 00 92 1e 00 00 18 41 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 e6 42 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 78 cf 8d 5c 26 1e e6 42 43 4b ed 5c 07 54 13 db d6 4e a3 f7 2e d5 d0 3b 4c 42 af 4a 57 10 e9 20 bd 77 21 94 80 88 08 24 2a 02 02 d2 55 10 a4 a8 88 97 22 8a 0a d2 11 04 95 ae d2 8b 20 28 0a 88 20 45 05 f4 9f 80 05 bd ed dd f7 ff 77 dd f7 bf 65 d6 4a 66 ce 99 33 67 4e d9 7b 7f fb db 7b 56 f4 4d 34 b4 21 e0 a7 03 0a d9 fc 68 6e 1d 20 70 28 14 02 85 20 20 ad 61 10 08 e3 66 0d ed 66 9b 1d 6a 90 af 1f 17 f0 4b 68 35 01 83 6c fb 44 42 5c 7d 83 3d 03 30 be 3e ae be 58
                                                                                                                                                                                                                                                                                                          Data Ascii: MSCFD#AdBenvironment.cabx\&BCK\TN.;LBJW w!$*U" ( EweJf3gN{{VM4!hn p( affjKh5lDB\}=0>X
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:20 UTC8666INData Raw: 04 01 31 2f 30 2d 30 0a 02 05 00 e1 2b 8a 50 02 01 00 30 0a 02 01 00 02 02 12 fe 02 01 ff 30 07 02 01 00 02 02 11 e6 30 0a 02 05 00 e1 2c db d0 02 01 00 30 36 06 0a 2b 06 01 04 01 84 59 0a 04 02 31 28 30 26 30 0c 06 0a 2b 06 01 04 01 84 59 0a 03 02 a0 0a 30 08 02 01 00 02 03 07 a1 20 a1 0a 30 08 02 01 00 02 03 01 86 a0 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 03 81 81 00 0c d9 08 df 48 94 57 65 3e ad e7 f2 17 9c 1f ca 3d 4d 6c cd 51 e1 ed 9c 17 a5 52 35 0f fd de 4b bd 22 92 c5 69 e5 d7 9f 29 23 72 40 7a ca 55 9d 8d 11 ad d5 54 00 bb 53 b4 87 7b 72 84 da 2d f6 e3 2c 4f 7e ba 1a 58 88 6e d6 b9 6d 16 ae 85 5b b5 c2 81 a8 e0 ee 0a 9c 60 51 3a 7b e4 61 f8 c3 e4 38 bd 7d 28 17 d6 79 f0 c8 58 c6 ef 1f f7 88 65 b1 ea 0a c0 df f7 ee 5c 23 c2 27 fd 98 63 08 31
                                                                                                                                                                                                                                                                                                          Data Ascii: 1/0-0+P000,06+Y1(0&0+Y0 00*HHWe>=MlQR5K"i)#r@zUTS{r-,O~Xnm[`Q:{a8}(yXe\#'c1


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          1192.168.2.54971013.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:20 UTC195OUTGET /rules/other-Win32-v19.bundle HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:21 UTC471INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:21 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                                                                                          Content-Length: 218853
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                          Cache-Control: public
                                                                                                                                                                                                                                                                                                          Last-Modified: Thu, 21 Nov 2024 12:25:08 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DD0A27899CAFB6"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 0e3600b6-201e-0096-7125-3cace6000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121321Z-178bfbc474bpnd5vhC1NYC4vr400000002x000000000ak74
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:21 UTC15913INData Raw: 31 30 30 30 76 35 2b 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 30 30 30 22 20 56 3d 22 35 22 20 44 43 3d 22 45 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 52 75 6c 65 45 72 72 6f 72 73 41 67 67 72 65 67 61 74 65 64 22 20 41 54 54 3d 22 66 39 39 38 63 63 35 62 61 34 64 34 34 38 64 36 61 31 65 38 65 39 31 33 66 66 31 38 62 65 39 34 2d 64 64 31 32 32 65 30 61 2d 66 63 66 38 2d 34 64 63 35 2d 39 64 62 62 2d 36 61 66 61 63 35 33 32 35 31 38 33 2d 37 34 30 35 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 53 3d 22 37 30 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 50 53 50 20 50 53 55 22 20
                                                                                                                                                                                                                                                                                                          Data Ascii: 1000v5+<?xml version="1.0" encoding="utf-8"?><R Id="1000" V="5" DC="ESM" EN="Office.Telemetry.RuleErrorsAggregated" ATT="f998cc5ba4d448d6a1e8e913ff18be94-dd122e0a-fcf8-4dc5-9dbb-6afac5325183-7405" SP="CriticalBusinessImpact" S="70" DL="A" DCa="PSP PSU"
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:21 UTC16384INData Raw: 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 42 22 20 49 3d 22 35 22 20 4f 3d 22 66 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 47 45 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 34 30 30 22 20 54 3d 22 49 33 32 22 20 2f 3e 0d 0a 20
                                                                                                                                                                                                                                                                                                          Data Ascii: /> </R> </O> </R> </O> </C> <C T="B" I="5" O="false"> <O T="AND"> <L> <O T="GE"> <L> <S T="1" F="0" /> </L> <R> <V V="400" T="I32" />
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:21 UTC16384INData Raw: 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 30 38 32 30 22 20 56 3d 22 33 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 4f 75 74 6c 6f 6f 6b 2e 44 65 73 6b 74 6f 70 2e 43 6f 6e 74 61 63 74 43 61 72 64 50 72 6f 70 65 72 74 69 65 73 43 6f 75 6e 74 73 22 20 41 54 54 3d 22 64 38 30 37 36 30 39 32 37 36 37 34 34 32 34 35 62 61 66 38 31 62 66 37 62 63 38 30 33 33 66 36 2d 32 32 36 38 65 33 37 34 2d 37 37 36 36 2d 34 39 37 36 2d 62 65 34 34 2d 62 36 61 64 35 62 64 64 63 35 62 36 2d 37 38 31 33 22 20 44 43 61 3d 22 50 53 55 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 41 20 54 3d 22 31 22 20 45 3d 22 54 65 6c 65 6d 65 74 72 79 53 68 75 74 64 6f 77 6e 22 20 2f 3e 0d
                                                                                                                                                                                                                                                                                                          Data Ascii: .0" encoding="utf-8"?><R Id="10820" V="3" DC="SM" EN="Office.Outlook.Desktop.ContactCardPropertiesCounts" ATT="d807609276744245baf81bf7bc8033f6-2268e374-7766-4976-be44-b6ad5bddc5b6-7813" DCa="PSU" xmlns=""> <S> <A T="1" E="TelemetryShutdown" />
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:21 UTC16384INData Raw: 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 39 22 20 4f 3d 22 74 72 75 65 22 20 4e 3d 22 50 75 72 67 65 64 5f 41 67 65 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 34 22 20 46 3d 22 43 6f 75 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 30 22 20 4f 3d 22 74 72 75 65 22 20 4e 3d 22 50 75 72 67 65 64 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 35 22 20 46 3d 22 43 6f 75 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 31 22 20 4f 3d 22 74 72 75 65 22 20 4e 3d 22 46 69 6c 65 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 38 22 20 46 3d 22 43 6f 75 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20
                                                                                                                                                                                                                                                                                                          Data Ascii: </C> <C T="U32" I="9" O="true" N="Purged_Age"> <S T="4" F="Count" /> </C> <C T="U32" I="10" O="true" N="Purged_Count"> <S T="5" F="Count" /> </C> <C T="U32" I="11" O="true" N="File_Count"> <S T="8" F="Count" /> </C>
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:21 UTC16384INData Raw: 20 20 3c 53 20 54 3d 22 31 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 43 6f 75 6e 74 5f 43 72 65 61 74 65 43 61 72 64 5f 56 61 6c 69 64 4d 61 6e 61 67 65 72 5f 46 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 32 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 43 6f 75 6e 74 5f 43 72 65 61 74 65 52 65 73 75 6c 74 5f 56 61 6c 69 64 50 65 72 73 6f 6e 61 5f 46 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 32 22 20 2f 3e 0d 0a 20
                                                                                                                                                                                                                                                                                                          Data Ascii: <S T="10" /> </C> </C> <C T="U32" I="1" O="false" N="Count_CreateCard_ValidManager_False"> <C> <S T="11" /> </C> </C> <C T="U32" I="2" O="false" N="Count_CreateResult_ValidPersona_False"> <C> <S T="12" />
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:21 UTC16384INData Raw: 50 61 69 6e 74 5f 49 4d 73 6f 50 65 72 73 6f 6e 61 5f 57 61 73 4e 75 6c 6c 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 33 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 32 30 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 50 61 69 6e 74 5f 49 4d 73 6f 50 65 72 73 6f 6e 61 5f 4e 75 6c 6c 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 33 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 32 31 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 43 6c 65 61 6e 75 70 4d 73 6f 50 65 72 73 6f 6e 61 5f 49 4d 73 6f 50 65 72 73 6f 6e
                                                                                                                                                                                                                                                                                                          Data Ascii: Paint_IMsoPersona_WasNull_Count"> <C> <S T="32" /> </C> </C> <C T="U32" I="20" O="false" N="Paint_IMsoPersona_Null_Count"> <C> <S T="33" /> </C> </C> <C T="U32" I="21" O="false" N="CleanupMsoPersona_IMsoPerson
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:21 UTC16384INData Raw: 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 32 30 30 22 20 54 3d 22 49 36 34 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 4c 54 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 52 65 74 72 69 65 76 61 6c 4d 69 6c 6c 69 73 65 63 6f 6e 64 73 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 34 30 30 22
                                                                                                                                                                                                                                                                                                          Data Ascii: <R> <V V="200" T="I64" /> </R> </O> </L> <R> <O T="LT"> <L> <S T="3" F="RetrievalMilliseconds" /> </L> <R> <V V="400"
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:22 UTC16384INData Raw: 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 30 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 4f 63 6f 6d 32 49 55 43 4f 66 66 69 63 65 49 6e 74 65 67 72 61 74 69 6f 6e 46 69 72 73 74 43 61 6c 6c 53 75 63 63 65 73 73 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 4f 63 6f 6d 32 49 55 43 4f 66 66 69 63 65 49 6e 74 65 67 72 61 74 69 6f 6e 46 69 72 73 74 43 61 6c 6c 46 61 69 6c 65 64 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43
                                                                                                                                                                                                                                                                                                          Data Ascii: </S> <C T="U32" I="0" O="false" N="Ocom2IUCOfficeIntegrationFirstCallSuccessCount"> <C> <S T="9" /> </C> </C> <C T="U32" I="1" O="false" N="Ocom2IUCOfficeIntegrationFirstCallFailedCount"> <C> <S T="10" /> </C
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:22 UTC16384INData Raw: 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 54 65 6e 61 6e 74 20 65 6e 61 62 6c 65 64 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 55 73 65 72 20 65 6e 61 62 6c 65 64 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 66 61 6c 73 65 22 20 54 3d 22 42 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                          Data Ascii: L> <S T="3" F="Tenant enabled" /> </L> <R> <O T="EQ"> <L> <S T="3" F="User enabled" /> </L> <R> <V V="false" T="B" /> </R>
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:22 UTC16384INData Raw: 75 73 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 34 30 34 22 20 54 3d 22 55 33 32 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 3c 2f 46 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 37 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 47 45 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 32 22 20 46 3d 22 48 74 74 70 53 74 61 74 75 73 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20
                                                                                                                                                                                                                                                                                                          Data Ascii: us" /> </L> <R> <V V="404" T="U32" /> </R> </O> </F> <F T="7"> <O T="AND"> <L> <O T="GE"> <L> <S T="2" F="HttpStatus" /> </L>


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          2192.168.2.54971613.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:23 UTC192OUTGET /rules/rule120600v4s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:24 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:24 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 2980
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:26:10 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BA80D96A1"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 89a9fa5c-d01e-0017-5438-3cb035000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121324Z-178bfbc474bpscmfhC1NYCfc2c00000001d000000000k263
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:24 UTC2980INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 30 22 20 56 3d 22 34 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 53 79 73 74 65 6d 48 65 61 6c 74 68 4d 65 74 61 64 61 74 61 44 65 76 69 63 65 43 6f 6e 73 6f 6c 69 64 61 74 65 64 22 20 41 54 54 3d 22 63 64 38 33 36 36 32 36 36 31 31 63 34 63 61 61 61 38 66 63 35 62 32 65 37 32 38 65 65 38 31 64 2d 33 62 36 64 36 63 34 35 2d 36 33 37 37 2d 34 62 66 35 2d 39 37 39 32 2d 64 62 66 38 65 31 38 38 31 30 38 38 2d 37 35 32 31 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 44 43 22 20
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120600" V="4" DC="SM" EN="Office.System.SystemHealthMetadataDeviceConsolidated" ATT="cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521" SP="CriticalBusinessImpact" DL="A" DCa="DC"


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          3192.168.2.54971813.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:23 UTC192OUTGET /rules/rule120609v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:24 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:24 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 408
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:26:33 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BB56D3AFB"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: a3d07856-b01e-0084-3a7e-3bd736000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121324Z-174c587ffdfdwxdvhC1TEB1c4n00000001a000000000ahuf
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:24 UTC408INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 38 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 44 64 5d 5b 45 65 5d 5b 4c 6c 5d 5b 4c 6c 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120609" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120682" /> <SR T="2" R="^([Dd][Ee][Ll][Ll])"> <S T="1" F="0" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          4192.168.2.54971513.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:23 UTC193OUTGET /rules/rule120402v21s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:24 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:24 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 3788
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:26:17 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BAC2126A6"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 5299024a-c01e-0079-4d47-3ce51a000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121324Z-174c587ffdf9xbcchC1TEBxkz4000000017000000000c5cb
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:24 UTC3788INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 34 30 32 22 20 56 3d 22 32 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 53 79 73 74 65 6d 48 65 61 6c 74 68 55 6e 67 72 61 63 65 66 75 6c 41 70 70 45 78 69 74 44 65 73 6b 74 6f 70 22 20 41 54 54 3d 22 63 64 38 33 36 36 32 36 36 31 31 63 34 63 61 61 61 38 66 63 35 62 32 65 37 32 38 65 65 38 31 64 2d 33 62 36 64 36 63 34 35 2d 36 33 37 37 2d 34 62 66 35 2d 39 37 39 32 2d 64 62 66 38 65 31 38 38 31 30 38 38 2d 37 35 32 31 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 43 65 6e 73 75 73 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 50 53 50 22 20 78 6d 6c 6e 73 3d 22 22
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120402" V="21" DC="SM" EN="Office.System.SystemHealthUngracefulAppExitDesktop" ATT="cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521" SP="CriticalCensus" DL="A" DCa="PSP" xmlns=""


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          5192.168.2.54971713.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:24 UTC192OUTGET /rules/rule120608v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:24 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:24 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 2160
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:26:03 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BA3B95D81"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 2aa1f1ad-b01e-003d-7c43-3cd32c000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121324Z-174c587ffdfks6tlhC1TEBeza400000001bg00000000htus
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:24 UTC2160INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 44 43 61 3d 22 50 53 55 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 32 22 20 52 3d 22 31 32 30 36 37 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 33 22 20 52 3d 22 31 32 30 36 31 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 34 22 20 52 3d 22 31 32 30 36 31 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 35 22 20 52 3d 22 31 32 30 36 31 34 22 20 2f 3e 0d 0a 20 20 20
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120608" V="0" DC="SM" T="Subrule" DCa="PSU" xmlns=""> <S> <R T="1" R="120609" /> <R T="2" R="120679" /> <R T="3" R="120610" /> <R T="4" R="120612" /> <R T="5" R="120614" />


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          6192.168.2.54971413.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:24 UTC192OUTGET /rules/rule224902v2s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:24 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:24 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 450
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:27:25 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BD4C869AE"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 3ae325a6-f01e-001f-6051-3c5dc8000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121324Z-15b8b599d88phfhnhC1TEBr51n00000001h0000000007ufe
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:24 UTC450INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 32 32 34 39 30 32 22 20 56 3d 22 32 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 31 30 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 55 54 53 20 54 3d 22 32 22 20 49 64 3d 22 62 62 72 35 71 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 53 20 54 3d 22 33 22 20 47 3d 22 7b 61 33 36 61 39 37 30 64 2d 34 35 61 39 2d 34 65 30 64 2d 39 63 61 62 2d 32 61 32 33 35 63 63 39 64 37 63 36 7d 22 20 2f 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 47 22 20 49 3d 22 30 22 20 4f 3d 22 66 61 6c 73 65 4e
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="224902" V="2" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120100" /> <UTS T="2" Id="bbr5q" /> <SS T="3" G="{a36a970d-45a9-4e0d-9cab-2a235cc9d7c6}" /> </S> <C T="G" I="0" O="falseN


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          7192.168.2.54972113.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:26 UTC192OUTGET /rules/rule120610v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:26 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:26 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 474
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:25:46 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582B9964B277"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 657d02d2-201e-0033-2f57-3cb167000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121326Z-178bfbc474bgvl54hC1NYCsfuw000000031g000000000137
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:26 UTC474INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120610" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120609" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          8192.168.2.54972213.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:26 UTC192OUTGET /rules/rule120612v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:26 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:26 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 471
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:26:25 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BB10C598B"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 8592a006-f01e-0085-6b6a-3c88ea000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121326Z-174c587ffdftv9hphC1TEBm29w000000019000000000dfh4
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:26 UTC471INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120612" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120611" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          9192.168.2.54972513.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:26 UTC192OUTGET /rules/rule120614v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:26 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:26 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 467
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:26:08 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BA6C038BC"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: de6003cd-b01e-0098-493c-3ccead000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121326Z-178bfbc474bv7whqhC1NYC1fg400000002zg000000005rvr
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:26 UTC467INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120614" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120613" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          10192.168.2.54972313.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:26 UTC192OUTGET /rules/rule120611v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:26 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:26 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 415
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:25:56 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582B9F6F3512"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 51fbd25c-e01e-0020-5e4d-3cde90000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121326Z-15b8b599d88m7pn7hC1TEB4axw00000001dg000000009583
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:26 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4c 6c 5d 5b 45 65 5d 5b 4e 6e 5d 5b 4f 6f 5d 5b 56 76 5d 5b 4f 6f 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120611" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120609" /> <SR T="2" R="([Ll][Ee][Nn][Oo][Vv][Oo])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          11192.168.2.54972413.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:26 UTC192OUTGET /rules/rule120613v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:26 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:26 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 632
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:26:35 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BB6E3779E"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 81892826-901e-00ac-7050-3cb69e000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121326Z-15b8b599d88m7pn7hC1TEB4axw00000001hg000000002p1h
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:26 UTC632INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 48 68 5d 5b 50 70 5d 28 5b 5e 45 5d 7c 24 29 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 33 22 20 52 3d 22 28 5b 48 68 5d 5b 45 65 5d 5b 57 77 5d 5b 4c 6c 5d 5b 45 65 5d
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120613" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120611" /> <SR T="2" R="^([Hh][Pp]([^E]|$))"> <S T="1" F="1" M="Ignore" /> </SR> <SR T="3" R="([Hh][Ee][Ww][Ll][Ee]


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          12192.168.2.54972813.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:28 UTC192OUTGET /rules/rule120617v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:29 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:28 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 427
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:26:02 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BA310DA18"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: f440515e-401e-0029-2e38-3c9b43000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121328Z-178bfbc474bq2pr7hC1NYCkfgg000000036g000000000pgk
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:29 UTC427INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4d 6d 5d 5b 49 69 5d 5b 43 63 5d 5b 52 72 5d 5b 4f 6f 5d 5b 53 73 5d 5b 4f 6f 5d 5b 46 66 5d 5b 54 74 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120617" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120615" /> <SR T="2" R="([Mm][Ii][Cc][Rr][Oo][Ss][Oo][Ff][Tt])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          13192.168.2.54972713.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:28 UTC192OUTGET /rules/rule120616v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:29 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:28 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 486
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:26:29 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BB344914B"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 9bcae678-901e-007b-2946-3cac50000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121328Z-15b8b599d88pxmdghC1TEBux9c00000001n00000000028ag
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:29 UTC486INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120616" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120615" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          14192.168.2.54973013.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:28 UTC192OUTGET /rules/rule120619v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:29 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:28 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 407
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:25:41 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582B9698189B"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: d1e74057-c01e-0014-6563-3ba6a3000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121328Z-178bfbc474bh5zbqhC1NYCkdug00000002tg00000000dwzy
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:29 UTC407INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 43 63 5d 5b 45 65 5d 5b 52 72 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120619" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120617" /> <SR T="2" R="([Aa][Cc][Ee][Rr])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          15192.168.2.54972913.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:28 UTC192OUTGET /rules/rule120618v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:29 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:28 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 486
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:25:30 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582B9018290B"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: aff2abcc-f01e-0003-4547-3c4453000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121328Z-178bfbc474bbcwv4hC1NYCypys00000002q000000000dz2b
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:29 UTC486INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120618" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120617" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          16192.168.2.54974013.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:30 UTC192OUTGET /rules/rule120623v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:31 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:31 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 464
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:25:43 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582B97FB6C3C"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 190bcf01-801e-0078-3650-3cbac6000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121331Z-15b8b599d889fz52hC1TEB59as000000019000000000e8ba
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:31 UTC464INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 47 67 5d 5b 49 69 5d 5b 47 67 5d 5b 41 61 5d 5b 42 62 5d 5b 59 79 5d 5b 54 74 5d 5b 45 65 5d 20 5b 54 74 5d 5b 45 65 5d 5b 43 63 5d 5b 48 68 5d 5b 4e 6e 5d 5b 4f 6f 5d 5b 4c 6c 5d 5b 4f 6f 5d 5b 47 67 5d 5b 59 79 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120623" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120621" /> <SR T="2" R="([Gg][Ii][Gg][Aa][Bb][Yy][Tt][Ee] [Tt][Ee][Cc][Hh][Nn][Oo][Ll][Oo][Gg][Yy])"> <S T="1" F="1" M="Ignor


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          17192.168.2.54973813.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:30 UTC192OUTGET /rules/rule120621v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:31 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:31 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 415
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:26:03 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BA41997E3"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 7fd471a5-f01e-00aa-27bf-3b8521000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121331Z-15b8b599d88tmlzshC1TEB4xpn00000001d0000000001z7b
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:31 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 56 76 5d 5b 4d 6d 5d 5b 57 77 5d 5b 41 61 5d 5b 52 72 5d 5b 45 65 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120621" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120619" /> <SR T="2" R="([Vv][Mm][Ww][Aa][Rr][Ee])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          18192.168.2.54973713.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:30 UTC192OUTGET /rules/rule120620v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:31 UTC491INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:31 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 469
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:26:41 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BBA701121"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 63e0f5a8-701e-0032-207a-3ba540000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121331Z-174c587ffdf8fcgwhC1TEBnn7000000001g000000000ek25
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:31 UTC469INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120620" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120619" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          19192.168.2.54973913.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:31 UTC192OUTGET /rules/rule120622v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:31 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:31 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 477
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:26:38 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BB8CEAC16"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 76a157b4-e01e-00aa-258c-3aceda000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121331Z-174c587ffdftjz9shC1TEBsh98000000015g00000000f8q9
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:31 UTC477INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120622" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120621" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          20192.168.2.54972613.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:31 UTC192OUTGET /rules/rule120615v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:31 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:31 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 407
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:26:42 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BBAD04B7B"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 239436ba-d01e-0028-7bd5-3b7896000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121331Z-15b8b599d88s6mj9hC1TEBur30000000014000000000e1d9
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:31 UTC407INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 53 73 5d 5b 55 75 5d 5b 53 73 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120615" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120613" /> <SR T="2" R="([Aa][Ss][Uu][Ss])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          21192.168.2.54974313.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:33 UTC192OUTGET /rules/rule120624v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:33 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:33 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 494
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:26:35 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BB7010D66"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 44e9982d-301e-001f-6639-3caa3a000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121333Z-15b8b599d8885prmhC1TEBsnkw00000001g0000000009kxf
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:33 UTC494INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120624" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120623" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          22192.168.2.54974413.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:33 UTC192OUTGET /rules/rule120625v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:33 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:33 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 419
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:25:42 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582B9748630E"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: a56dfe0e-901e-0029-2976-3b274a000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121333Z-174c587ffdfcj798hC1TEB9bq400000001pg000000000edv
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:33 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 46 66 5d 5b 55 75 5d 5b 4a 6a 5d 5b 49 69 5d 5b 54 74 5d 5b 53 73 5d 5b 55 75 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120625" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120623" /> <SR T="2" R="([Ff][Uu][Jj][Ii][Tt][Ss][Uu])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          23192.168.2.54974513.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:33 UTC192OUTGET /rules/rule120626v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:33 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:33 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 472
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:25:53 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582B9DACDF62"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 107b228c-c01e-00a2-1f8c-3a2327000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121333Z-178bfbc474bv587zhC1NYCny5w00000002vg000000005w8v
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:33 UTC472INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120626" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120625" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          24192.168.2.54974613.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:33 UTC192OUTGET /rules/rule120627v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:33 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:33 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 404
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:25:54 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582B9E8EE0F3"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: f19b5380-801e-0015-2749-3cf97f000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121333Z-15b8b599d885v8r9hC1TEB104g00000001f0000000007hbz
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:33 UTC404INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 4e 6e 5d 5b 45 65 5d 5b 43 63 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c 53
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120627" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120625" /> <SR T="2" R="^([Nn][Ee][Cc])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <S


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          25192.168.2.54974713.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:33 UTC192OUTGET /rules/rule120628v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:34 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:34 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 468
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:25:51 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582B9C8E04C8"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 70a27cfa-201e-0051-248c-3a7340000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121334Z-174c587ffdf4zw2thC1TEBu34000000001dg00000000f42t
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:34 UTC468INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120628" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120627" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                          26192.168.2.54974823.218.208.109443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:34 UTC161OUTHEAD /fs/windows/config.json HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                                          Accept-Encoding: identity
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft BITS/7.8
                                                                                                                                                                                                                                                                                                          Host: fs.microsoft.com
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:35 UTC467INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                                                                                                                                                                                                                                                                                                          Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                                                          ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                                                                                                                                                                                                                                                                                                          Server: ECAcc (lpl/EF57)
                                                                                                                                                                                                                                                                                                          X-CID: 11
                                                                                                                                                                                                                                                                                                          X-Ms-ApiVersion: Distribute 1.2
                                                                                                                                                                                                                                                                                                          X-Ms-Region: prod-neu-z1
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=102672
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:34 GMT
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          X-CID: 2


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          27192.168.2.54975013.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:35 UTC192OUTGET /rules/rule120629v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:35 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:35 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 428
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:26:17 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BAC4F34CA"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: a72cf994-301e-0099-6e45-3c6683000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121335Z-178bfbc474b7cbwqhC1NYC8z4n00000002t000000000ctdn
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:35 UTC428INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4d 6d 5d 5b 49 69 5d 5b 43 63 5d 5b 52 72 5d 5b 4f 6f 5d 2d 5b 53 73 5d 5b 54 74 5d 5b 41 61 5d 5b 52 72 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120629" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120627" /> <SR T="2" R="([Mm][Ii][Cc][Rr][Oo]-[Ss][Tt][Aa][Rr])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          28192.168.2.54975113.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:35 UTC192OUTGET /rules/rule120630v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:35 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:35 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 499
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:25:45 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582B98CEC9F6"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: ed298b8a-a01e-0002-322d-3c5074000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121335Z-178bfbc474bnwsh4hC1NYC2ubs0000000330000000003g49
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:35 UTC499INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120630" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120629" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          29192.168.2.54975213.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:35 UTC192OUTGET /rules/rule120631v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:36 UTC491INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:35 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 415
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582B988EBD12"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 6a83a5f2-e01e-000c-157b-3b8e36000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121335Z-174c587ffdfmrvb9hC1TEBtn3800000001e00000000080rf
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:36 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 48 68 5d 5b 55 75 5d 5b 41 61 5d 5b 57 77 5d 5b 45 65 5d 5b 49 69 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120631" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120629" /> <SR T="2" R="([Hh][Uu][Aa][Ww][Ee][Ii])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          30192.168.2.54975313.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:35 UTC192OUTGET /rules/rule120632v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:36 UTC491INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:35 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 471
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:26:33 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BB5815C4C"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: a24720e5-f01e-0096-3f65-3b10ef000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121335Z-178bfbc474bbbqrhhC1NYCvw740000000320000000009zgx
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:36 UTC471INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120632" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120631" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                          31192.168.2.54975723.218.208.109443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:37 UTC239OUTGET /fs/windows/config.json HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                                          Accept-Encoding: identity
                                                                                                                                                                                                                                                                                                          If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT
                                                                                                                                                                                                                                                                                                          Range: bytes=0-2147483646
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft BITS/7.8
                                                                                                                                                                                                                                                                                                          Host: fs.microsoft.com
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:37 UTC535INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                                                                                                                                                                                                                                                                                                          ApiVersion: Distribute 1.1
                                                                                                                                                                                                                                                                                                          Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                                                                                                                                                                                                                                                                                                          X-Azure-Ref: 0WwMRYwAAAABe7whxSEuqSJRuLqzPsqCaTE9OMjFFREdFMTcxNQBjZWZjMjU4My1hOWIyLTQ0YTctOTc1NS1iNzZkMTdlMDVmN2Y=
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=102725
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:37 GMT
                                                                                                                                                                                                                                                                                                          Content-Length: 55
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          X-CID: 2
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:37 UTC55INData Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d
                                                                                                                                                                                                                                                                                                          Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          32192.168.2.54975413.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:37 UTC192OUTGET /rules/rule120633v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:37 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:37 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 419
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:26:29 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BB32BB5CB"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: a8d62205-901e-0083-0c0e-3bbb55000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121337Z-174c587ffdf4zw2thC1TEBu34000000001hg000000004kcp
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:37 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 53 73 5d 5b 41 61 5d 5b 4d 6d 5d 5b 53 73 5d 5b 55 75 5d 5b 4e 6e 5d 5b 47 67 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120633" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120631" /> <SR T="2" R="([Ss][Aa][Mm][Ss][Uu][Nn][Gg])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          33192.168.2.54976113.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:37 UTC192OUTGET /rules/rule120634v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:38 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:38 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 494
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:26:38 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BB8972972"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: ea8695b1-901e-002a-7283-3b7a27000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121338Z-174c587ffdfcb7qhhC1TEB3x7000000001hg000000004343
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:38 UTC494INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120634" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120633" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          34192.168.2.54976413.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:38 UTC192OUTGET /rules/rule120636v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:38 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:38 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 472
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:25:52 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582B9D43097E"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: fdab78a3-101e-005a-1d8c-3a882b000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121338Z-174c587ffdfx984chC1TEB676g00000001fg000000003w7g
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:38 UTC472INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120636" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120635" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          35192.168.2.54976313.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:38 UTC192OUTGET /rules/rule120635v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:38 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:38 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 420
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:25:53 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582B9DAE3EC0"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 65766a9d-a01e-0002-6d8c-3a5074000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121338Z-178bfbc474bnwsh4hC1NYC2ubs00000002y000000000e1zx
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:38 UTC420INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 54 74 5d 5b 4f 6f 5d 5b 53 73 5d 5b 48 68 5d 5b 49 69 5d 5b 42 62 5d 5b 41 61 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120635" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120633" /> <SR T="2" R="^([Tt][Oo][Ss][Hh][Ii][Bb][Aa])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          36192.168.2.54976513.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:38 UTC192OUTGET /rules/rule120637v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:38 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:38 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 427
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:26:12 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BA909FA21"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: bf14eb60-501e-007b-507b-3b5ba2000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121338Z-174c587ffdfx984chC1TEB676g00000001g00000000027yn
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:38 UTC427INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 50 70 5d 5b 41 61 5d 5b 4e 6e 5d 5b 41 61 5d 5b 53 73 5d 5b 4f 6f 5d 5b 4e 6e 5d 5b 49 69 5d 5b 43 63 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120637" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120635" /> <SR T="2" R="([Pp][Aa][Nn][Aa][Ss][Oo][Nn][Ii][Cc])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          37192.168.2.54977113.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:40 UTC192OUTGET /rules/rule120639v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:40 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:40 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 423
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:26:36 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BB7564CE8"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: f14fa7ac-201e-000c-4a8c-3a79c4000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121340Z-174c587ffdfb485jhC1TEBmc1s000000016000000000c7g0
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:40 UTC423INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 44 64 5d 5b 59 79 5d 5b 4e 6e 5d 5b 41 61 5d 5b 42 62 5d 5b 4f 6f 5d 5b 4f 6f 5d 5b 4b 6b 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120639" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120637" /> <SR T="2" R="([Dd][Yy][Nn][Aa][Bb][Oo][Oo][Kk])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          38192.168.2.54977013.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:40 UTC192OUTGET /rules/rule120638v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:40 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:40 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 486
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:25:35 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582B92FCB436"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 20caaba8-701e-005c-0363-3bbb94000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121340Z-178bfbc474bvjk8shC1NYC83ns00000002wg000000000w7x
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:40 UTC486INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120638" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120637" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          39192.168.2.54977313.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:40 UTC192OUTGET /rules/rule120641v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:40 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:40 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 404
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:25:39 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582B95C61A3C"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: b7a4c0f2-401e-0064-554c-3c54af000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121340Z-15b8b599d88g5tp8hC1TEByx6w000000019000000000drr1
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:40 UTC404INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 4d 6d 5d 5b 53 73 5d 5b 49 69 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c 53
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120641" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120639" /> <SR T="2" R="^([Mm][Ss][Ii])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <S


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          40192.168.2.54977413.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:40 UTC192OUTGET /rules/rule120642v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:40 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:40 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 468
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:26:24 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BB046B576"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 20e2cd06-701e-005c-2869-3bbb94000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121340Z-178bfbc474bwlrhlhC1NYCy3kg00000002vg00000000ek5v
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:40 UTC468INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120642" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120641" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          41192.168.2.54977213.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:40 UTC192OUTGET /rules/rule120640v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:40 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:40 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 478
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:25:48 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582B9B233827"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: e845eaf5-101e-008e-5d91-3bcf88000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121340Z-15b8b599d88m7pn7hC1TEB4axw00000001e00000000091g8
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:40 UTC478INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120640" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120639" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          42192.168.2.54977713.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:42 UTC192OUTGET /rules/rule120644v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:42 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:42 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 479
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:26:37 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BB7D702D0"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 171ae584-101e-005a-6763-3b882b000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121342Z-178bfbc474bfw4gbhC1NYCunf400000002xg00000000a7ww
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:42 UTC479INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120644" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120643" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          43192.168.2.54977613.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:42 UTC192OUTGET /rules/rule120643v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:42 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:42 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 400
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:26:28 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BB2D62837"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: ed66cbfc-201e-0051-7e30-3c7340000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121342Z-15b8b599d88cn5thhC1TEBqxkn000000018000000000b36z
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:42 UTC400INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 4c 6c 5d 5b 47 67 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120643" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120641" /> <SR T="2" R="^([Ll][Gg])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <S T="


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          44192.168.2.54977813.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:42 UTC192OUTGET /rules/rule120645v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:43 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:42 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 425
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:26:40 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BBA25094F"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: c2180679-501e-008f-16bc-3b9054000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121342Z-178bfbc474bp8mkvhC1NYCzqnn00000002s000000000a7eu
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:43 UTC425INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 4d 6d 5d 5b 41 61 5d 5b 5a 7a 5d 5b 4f 6f 5d 5b 4e 6e 5d 20 5b 45 65 5d 5b 43 63 5d 32 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120645" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120643" /> <SR T="2" R="([Aa][Mm][Aa][Zz][Oo][Nn] [Ee][Cc]2)"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I=


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          45192.168.2.54977913.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:42 UTC192OUTGET /rules/rule120646v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:43 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:43 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 475
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:26:28 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BB2BE84FD"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 76e95f1f-101e-0034-7059-3b96ff000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121343Z-178bfbc474bh5zbqhC1NYCkdug00000002t000000000feqy
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:43 UTC475INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120646" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120645" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          46192.168.2.54978113.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:42 UTC192OUTGET /rules/rule120647v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:43 UTC491INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:43 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 448
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:26:29 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BB389F49B"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 98e24ef8-f01e-0052-0940-3c9224000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121343Z-15b8b599d889gj5whC1TEBfyk00000000180000000007dwa
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:43 UTC448INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 50 70 5d 5b 41 61 5d 5b 43 63 5d 5b 48 68 5d 5b 45 65 5d 20 5b 53 73 5d 5b 4f 6f 5d 5b 46 66 5d 5b 54 74 5d 5b 57 77 5d 5b 41 61 5d 5b 52 72 5d 5b 45 65 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120647" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120645" /> <SR T="2" R="([Aa][Pp][Aa][Cc][Hh][Ee] [Ss][Oo][Ff][Tt][Ww][Aa][Rr][Ee])"> <S T="1" F="1" M="Ignore" /> </SR>


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          47192.168.2.54978213.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:44 UTC192OUTGET /rules/rule120648v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:45 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:44 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 491
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582B98B88612"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 2abfc2a9-b01e-003d-094d-3cd32c000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121344Z-15b8b599d886w4hzhC1TEBb4ug00000001bg00000000efmm
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:45 UTC491INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120648" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120647" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          48192.168.2.54978313.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:44 UTC192OUTGET /rules/rule120649v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:45 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:45 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 416
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:26:21 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BAEA4B445"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: ecf1de78-401e-0047-5d4b-3c8597000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121345Z-178bfbc474bq2pr7hC1NYCkfgg00000003200000000099fb
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:45 UTC416INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 46 66 5d 5b 45 65 5d 5b 44 64 5d 5b 4f 6f 5d 5b 52 72 5d 5b 41 61 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120649" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120647" /> <SR T="2" R="^([Ff][Ee][Dd][Oo][Rr][Aa])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tr


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          49192.168.2.54978413.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:44 UTC192OUTGET /rules/rule120650v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:45 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:45 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 479
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582B989EE75B"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: fcdc764c-f01e-0052-4963-3b9224000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121345Z-178bfbc474bxkclvhC1NYC69g400000002yg000000003pww
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:45 UTC479INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120650" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120649" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          50192.168.2.54978513.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:45 UTC192OUTGET /rules/rule120651v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:45 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:45 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 415
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:26:10 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BA80D96A1"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 4ec76ea5-a01e-006f-014e-3c13cd000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121345Z-178bfbc474bp8mkvhC1NYCzqnn00000002vg000000003kph
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:45 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 47 67 5d 5b 4f 6f 5d 5b 4f 6f 5d 5b 47 67 5d 5b 4c 6c 5d 5b 45 65 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120651" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120649" /> <SR T="2" R="([Gg][Oo][Oo][Gg][Ll][Ee])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          51192.168.2.54978613.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:45 UTC192OUTGET /rules/rule120652v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:45 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:45 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 471
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:25:43 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582B97E6FCDD"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 79a9dcb6-201e-003c-1c7b-3b30f9000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121345Z-174c587ffdfgcs66hC1TEB69cs000000015000000000gsuv
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:45 UTC471INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120652" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120651" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                          52192.168.2.549789172.64.41.34434752C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:47 UTC245OUTPOST /dns-query HTTP/1.1
                                                                                                                                                                                                                                                                                                          Host: chrome.cloudflare-dns.com
                                                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                                                          Content-Length: 128
                                                                                                                                                                                                                                                                                                          Accept: application/dns-message
                                                                                                                                                                                                                                                                                                          Accept-Language: *
                                                                                                                                                                                                                                                                                                          User-Agent: Chrome
                                                                                                                                                                                                                                                                                                          Accept-Encoding: identity
                                                                                                                                                                                                                                                                                                          Content-Type: application/dns-message
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:47 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 54 00 0c 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                                          Data Ascii: wwwgstaticcom)TP
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:47 UTC247INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:47 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: application/dns-message
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                          Content-Length: 468
                                                                                                                                                                                                                                                                                                          CF-RAY: 8e68d5e3ce4218ea-EWR
                                                                                                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:47 UTC468INData Raw: 00 00 81 80 00 01 00 01 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 c0 0c 00 01 00 01 00 00 00 4f 00 04 8e fb 28 83 00 00 29 04 d0 00 00 00 00 01 98 00 0c 01 94 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                                          Data Ascii: wwwgstaticcomO()


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                          53192.168.2.549788162.159.61.34434752C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:47 UTC245OUTPOST /dns-query HTTP/1.1
                                                                                                                                                                                                                                                                                                          Host: chrome.cloudflare-dns.com
                                                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                                                          Content-Length: 128
                                                                                                                                                                                                                                                                                                          Accept: application/dns-message
                                                                                                                                                                                                                                                                                                          Accept-Language: *
                                                                                                                                                                                                                                                                                                          User-Agent: Chrome
                                                                                                                                                                                                                                                                                                          Accept-Encoding: identity
                                                                                                                                                                                                                                                                                                          Content-Type: application/dns-message
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:47 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 54 00 0c 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                                          Data Ascii: wwwgstaticcom)TP
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:47 UTC247INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:47 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: application/dns-message
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                          Content-Length: 468
                                                                                                                                                                                                                                                                                                          CF-RAY: 8e68d5e42b6378e7-EWR
                                                                                                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:47 UTC468INData Raw: 00 00 81 80 00 01 00 01 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 c0 0c 00 01 00 01 00 00 01 27 00 04 8e fb 20 63 00 00 29 04 d0 00 00 00 00 01 98 00 0c 01 94 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                                          Data Ascii: wwwgstaticcom' c)


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                          54192.168.2.549798162.159.61.34434752C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:47 UTC245OUTPOST /dns-query HTTP/1.1
                                                                                                                                                                                                                                                                                                          Host: chrome.cloudflare-dns.com
                                                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                                                          Content-Length: 128
                                                                                                                                                                                                                                                                                                          Accept: application/dns-message
                                                                                                                                                                                                                                                                                                          Accept-Language: *
                                                                                                                                                                                                                                                                                                          User-Agent: Chrome
                                                                                                                                                                                                                                                                                                          Accept-Encoding: identity
                                                                                                                                                                                                                                                                                                          Content-Type: application/dns-message
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:47 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 54 00 0c 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                                          Data Ascii: wwwgstaticcom)TP
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:47 UTC247INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:47 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: application/dns-message
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                          Content-Length: 468
                                                                                                                                                                                                                                                                                                          CF-RAY: 8e68d5e45bcd7c87-EWR
                                                                                                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:47 UTC468INData Raw: 00 00 81 80 00 01 00 01 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 c0 0c 00 01 00 01 00 00 01 13 00 04 8e fa 50 63 00 00 29 04 d0 00 00 00 00 01 98 00 0c 01 94 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                                          Data Ascii: wwwgstaticcomPc)


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          55192.168.2.54979213.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:47 UTC192OUTGET /rules/rule120656v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:48 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:47 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 477
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:26:04 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BA48B5BDD"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 138215a1-101e-0017-6465-3b47c7000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121347Z-178bfbc474bp8mkvhC1NYCzqnn00000002rg00000000ax3k
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:48 UTC477INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120656" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120655" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          56192.168.2.54979013.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:47 UTC192OUTGET /rules/rule120654v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:48 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:48 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 477
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:26:05 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BA54DCC28"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 40c83c0a-001e-00ad-1e79-3b554b000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121348Z-174c587ffdfmrvb9hC1TEBtn3800000001b000000000fcmf
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:48 UTC477INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120654" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120653" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          57192.168.2.54979113.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:47 UTC192OUTGET /rules/rule120655v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:48 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:48 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 419
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:26:37 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BB7F164C3"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 90758f84-b01e-0021-4c46-3ccab7000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121348Z-15b8b599d889gj5whC1TEBfyk000000001b0000000001654
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:48 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4e 6e 5d 5b 49 69 5d 5b 4d 6d 5d 5b 42 62 5d 5b 4f 6f 5d 5b 58 78 5d 5b 58 78 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120655" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120653" /> <SR T="2" R="([Nn][Ii][Mm][Bb][Oo][Xx][Xx])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          58192.168.2.54978713.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:47 UTC192OUTGET /rules/rule120653v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:48 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:48 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 419
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:25:51 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582B9C710B28"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: c2dc1527-b01e-0053-5db2-3bcdf8000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121348Z-174c587ffdfb485jhC1TEBmc1s00000001800000000083ht
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:48 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 49 69 5d 5b 4e 6e 5d 5b 4e 6e 5d 5b 4f 6f 5d 5b 54 74 5d 5b 45 65 5d 5b 4b 6b 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120653" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120651" /> <SR T="2" R="([Ii][Nn][Nn][Oo][Tt][Ee][Kk])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                          59192.168.2.549802162.159.61.34434752C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:47 UTC245OUTPOST /dns-query HTTP/1.1
                                                                                                                                                                                                                                                                                                          Host: chrome.cloudflare-dns.com
                                                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                                                          Content-Length: 128
                                                                                                                                                                                                                                                                                                          Accept: application/dns-message
                                                                                                                                                                                                                                                                                                          Accept-Language: *
                                                                                                                                                                                                                                                                                                          User-Agent: Chrome
                                                                                                                                                                                                                                                                                                          Accept-Encoding: identity
                                                                                                                                                                                                                                                                                                          Content-Type: application/dns-message
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:47 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 54 00 0c 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                                          Data Ascii: wwwgstaticcom)TP


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          60192.168.2.54979313.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:47 UTC192OUTGET /rules/rule120657v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:48 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:48 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 419
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:25:57 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582B9FF95F80"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: a7625850-801e-007b-654c-3ce7ab000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121348Z-15b8b599d88s6mj9hC1TEBur30000000017g000000007qup
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:48 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4e 6e 5d 5b 55 75 5d 5b 54 74 5d 5b 41 61 5d 5b 4e 6e 5d 5b 49 69 5d 5b 58 78 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120657" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120655" /> <SR T="2" R="([Nn][Uu][Tt][Aa][Nn][Ii][Xx])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                          61192.168.2.54980520.190.147.11443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:49 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Content-Type: application/soap+xml
                                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                                                                                                                                                                                                                          Content-Length: 3592
                                                                                                                                                                                                                                                                                                          Host: login.live.com
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:49 UTC3592OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:50 UTC568INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache
                                                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                                                          Content-Type: application/soap+xml; charset=utf-8
                                                                                                                                                                                                                                                                                                          Expires: Fri, 22 Nov 2024 12:12:49 GMT
                                                                                                                                                                                                                                                                                                          P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                                                                                                                                                                                                                          Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                                                                                          x-ms-route-info: C555_BAY
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 1ce55a60-ef12-4fd2-96eb-b0afb24b5046
                                                                                                                                                                                                                                                                                                          PPServer: PPV: 30 H: PH1PEPF0001B805 V: 0
                                                                                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                          Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:49 GMT
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Content-Length: 1276
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:50 UTC1276INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          62192.168.2.54980713.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:49 UTC192OUTGET /rules/rule120658v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:50 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:50 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 472
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:26:34 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BB650C2EC"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 5304f1e1-001e-005a-6c6b-3bc3d0000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121350Z-178bfbc474bwlrhlhC1NYCy3kg00000002yg000000008dn8
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:50 UTC472INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120658" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120657" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          63192.168.2.54980813.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:49 UTC192OUTGET /rules/rule120659v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:50 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:50 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 468
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:26:30 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BB3EAF226"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 6b17e566-f01e-003f-7a44-3cd19d000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121350Z-15b8b599d88f9wfchC1TEBm2kc00000001kg000000005afp
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:50 UTC468INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4f 6f 5d 5b 50 70 5d 5b 45 65 5d 5b 4e 6e 5d 5b 53 73 5d 5b 54 74 5d 5b 41 61 5d 5b 43 63 5d 5b 4b 6b 5d 20 5b 46 66 5d 5b 4f 6f 5d 5b 55 75 5d 5b 4e 6e 5d 5b 44 64 5d 5b 41 61 5d 5b 54 74 5d 5b 49 69 5d 5b 4f 6f 5d 5b 4e 6e 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120659" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120657" /> <SR T="2" R="([Oo][Pp][Ee][Nn][Ss][Tt][Aa][Cc][Kk] [Ff][Oo][Uu][Nn][Dd][Aa][Tt][Ii][Oo][Nn])"> <S T="1" F="1" M="I


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          64192.168.2.54980913.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:50 UTC192OUTGET /rules/rule120660v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:50 UTC491INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:50 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 485
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:26:39 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BB9769355"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: c2cadd2f-601e-0001-2bab-3bfaeb000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121350Z-15b8b599d882hxlwhC1TEBfa5w000000016g00000000dmrp
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:50 UTC485INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120660" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120659" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          65192.168.2.54981113.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:50 UTC192OUTGET /rules/rule120662v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:50 UTC491INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:50 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 470
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:26:42 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BBB181F65"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: db5fa324-001e-00ad-2244-3c554b000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121350Z-15b8b599d88m7pn7hC1TEB4axw00000001hg000000002pmb
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:50 UTC470INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120662" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120661" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          66192.168.2.54981013.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:50 UTC192OUTGET /rules/rule120661v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:50 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:50 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 411
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582B989AF051"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 961908b5-401e-0016-178c-3a53e0000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121350Z-178bfbc474bscnbchC1NYCe7eg0000000320000000009qdf
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:50 UTC411INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4f 6f 5d 5b 56 76 5d 5b 49 69 5d 5b 52 72 5d 5b 54 74 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120661" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120659" /> <SR T="2" R="([Oo][Vv][Ii][Rr][Tt])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          67192.168.2.54981513.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:52 UTC192OUTGET /rules/rule120663v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:52 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:52 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 427
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:26:32 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BB556A907"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 2145ee07-e01e-003c-0347-3cc70b000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121352Z-178bfbc474btvfdfhC1NYCa2en00000002x000000000efzn
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:52 UTC427INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 50 70 5d 5b 41 61 5d 5b 52 72 5d 5b 41 61 5d 5b 4c 6c 5d 5b 4c 6c 5d 5b 45 65 5d 5b 4c 6c 5d 5b 53 73 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120663" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120661" /> <SR T="2" R="([Pp][Aa][Rr][Aa][Ll][Ll][Ee][Ll][Ss])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                          68192.168.2.54981420.190.147.11443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:52 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Content-Type: application/soap+xml
                                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                                                                                                                                                                                                                          Content-Length: 3592
                                                                                                                                                                                                                                                                                                          Host: login.live.com
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:52 UTC3592OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:52 UTC568INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache
                                                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                                                          Content-Type: application/soap+xml; charset=utf-8
                                                                                                                                                                                                                                                                                                          Expires: Fri, 22 Nov 2024 12:12:52 GMT
                                                                                                                                                                                                                                                                                                          P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                                                                                                                                                                                                                          Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                                                                                          x-ms-route-info: C555_BAY
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 21734bc4-0fd2-484f-b5aa-e737a956a41f
                                                                                                                                                                                                                                                                                                          PPServer: PPV: 30 H: PH1PEPF00011FA1 V: 0
                                                                                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                          Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:51 GMT
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Content-Length: 1276
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:52 UTC1276INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                          69192.168.2.54981620.190.147.11443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:52 UTC446OUTPOST /ppsecure/deviceaddcredential.srf HTTP/1.0
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Content-Type: application/soap+xml
                                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                                                                                                                                                                                                                          Content-Length: 7642
                                                                                                                                                                                                                                                                                                          Host: login.live.com
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:52 UTC7642OUTData Raw: 3c 44 65 76 69 63 65 41 64 64 52 65 71 75 65 73 74 3e 3c 43 6c 69 65 6e 74 49 6e 66 6f 20 6e 61 6d 65 3d 22 49 44 43 52 4c 22 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 3e 3c 42 69 6e 61 72 79 56 65 72 73 69 6f 6e 3e 32 34 3c 2f 42 69 6e 61 72 79 56 65 72 73 69 6f 6e 3e 3c 2f 43 6c 69 65 6e 74 49 6e 66 6f 3e 3c 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 3e 3c 4d 65 6d 62 65 72 6e 61 6d 65 3e 30 32 78 66 61 72 6c 76 6d 6b 73 64 74 6f 68 64 3c 2f 4d 65 6d 62 65 72 6e 61 6d 65 3e 3c 50 61 73 73 77 6f 72 64 3e 60 73 74 4f 6e 37 76 4f 2d 79 42 51 35 3a 74 69 2d 72 52 78 3c 2f 50 61 73 73 77 6f 72 64 3e 3c 2f 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 3e 3c 4f 6c 64 4d 65 6d 62 65 72 6e 61 6d 65 3e 30 32 76 6e 71 75 73 6b 66 70 70 70 63 69 76 63 3c 2f 4f 6c 64 4d
                                                                                                                                                                                                                                                                                                          Data Ascii: <DeviceAddRequest><ClientInfo name="IDCRL" version="1.0"><BinaryVersion>24</BinaryVersion></ClientInfo><Authentication><Membername>02xfarlvmksdtohd</Membername><Password>`stOn7vO-yBQ5:ti-rRx</Password></Authentication><OldMembername>02vnquskfpppcivc</OldM
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:57 UTC542INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache
                                                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Expires: Fri, 22 Nov 2024 12:12:52 GMT
                                                                                                                                                                                                                                                                                                          P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                                                                                                                                                                                                                          Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                                                                                          x-ms-route-info: C542_BAY
                                                                                                                                                                                                                                                                                                          x-ms-request-id: ad855d9d-3c2b-4b1e-b76f-f49e9c49f049
                                                                                                                                                                                                                                                                                                          PPServer: PPV: 30 H: PH1PEPF00011FE1 V: 0
                                                                                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                          Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:57 GMT
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Content-Length: 17166
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:57 UTC15842INData Raw: 3c 44 65 76 69 63 65 41 64 64 52 65 73 70 6f 6e 73 65 20 53 75 63 63 65 73 73 3d 22 74 72 75 65 22 3e 3c 73 75 63 63 65 73 73 3e 74 72 75 65 3c 2f 73 75 63 63 65 73 73 3e 3c 70 75 69 64 3e 30 30 31 38 30 30 31 31 37 34 39 35 32 45 33 33 3c 2f 70 75 69 64 3e 3c 44 65 76 69 63 65 54 70 6d 4b 65 79 53 74 61 74 65 3e 33 3c 2f 44 65 76 69 63 65 54 70 6d 4b 65 79 53 74 61 74 65 3e 3c 4c 69 63 65 6e 73 65 20 43 6f 6e 74 65 6e 74 49 44 3d 22 33 32 35 32 62 32 30 63 2d 64 34 32 35 2d 34 37 31 31 2d 38 63 63 35 2d 62 32 66 35 33 63 38 33 30 62 37 36 22 20 49 44 3d 22 66 30 32 36 30 30 34 37 2d 64 66 34 32 2d 34 62 63 39 2d 61 66 38 38 2d 38 34 33 35 34 38 66 30 62 35 61 61 22 20 4c 69 63 65 6e 73 65 49 44 3d 22 33 32 35 32 62 32 30 63 2d 64 34 32 35 2d 34 37 31 31
                                                                                                                                                                                                                                                                                                          Data Ascii: <DeviceAddResponse Success="true"><success>true</success><puid>0018001174952E33</puid><DeviceTpmKeyState>3</DeviceTpmKeyState><License ContentID="3252b20c-d425-4711-8cc5-b2f53c830b76" ID="f0260047-df42-4bc9-af88-843548f0b5aa" LicenseID="3252b20c-d425-4711
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:57 UTC1324INData Raw: 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 30 2f 30 39 2f 78 6d 6c 64 73 69 67 23 65 6e 76 65 6c 6f 70 65 64 2d 73 69 67 6e 61 74 75 72 65 22 2f 3e 3c 2f 54 72 61 6e 73 66 6f 72 6d 73 3e 3c 44 69 67 65 73 74 4d 65 74 68 6f 64 20 41 6c 67 6f 72 69 74 68 6d 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 31 2f 30 34 2f 78 6d 6c 65 6e 63 23 73 68 61 32 35 36 22 2f 3e 3c 44 69 67 65 73 74 56 61 6c 75 65 3e 67 74 71 77 70 52 35 66 47 44 61 6f 48 73 4d 37 49 57 47 4b 5a 67 61 77 58 61 30 42 50 69 47 61 65 35 62 49 75 6e 2f 52 51 4a 41 3d 3c 2f 44 69 67 65 73 74 56 61 6c 75 65 3e 3c 2f 52 65 66 65 72 65 6e 63 65 3e 3c 2f 53 69 67 6e 65 64 49 6e 66 6f 3e 3c 53 69 67 6e 61 74 75 72 65 56 61 6c 75 65 3e 41 46 38 6f 46 52 2b 47 66
                                                                                                                                                                                                                                                                                                          Data Ascii: tp://www.w3.org/2000/09/xmldsig#enveloped-signature"/></Transforms><DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/><DigestValue>gtqwpR5fGDaoHsM7IWGKZgawXa0BPiGae5bIun/RQJA=</DigestValue></Reference></SignedInfo><SignatureValue>AF8oFR+Gf


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          70192.168.2.54981713.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:52 UTC192OUTGET /rules/rule120664v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:52 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:52 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 502
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:26:35 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BB6A0D312"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 5c70d6ce-001e-00ad-368c-3a554b000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121352Z-174c587ffdfb74xqhC1TEBhabc00000001gg00000000119v
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:52 UTC502INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120664" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120663" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          71192.168.2.54981813.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:52 UTC192OUTGET /rules/rule120665v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:52 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:52 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 407
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:25:52 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582B9D30478D"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 04c68412-701e-000d-5268-3b6de3000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121352Z-178bfbc474brk967hC1NYCfu6000000002tg000000004dps
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:52 UTC407INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 50 70 5d 5b 53 73 5d 5b 53 73 5d 5b 43 63 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120665" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120663" /> <SR T="2" R="([Pp][Ss][Ss][Cc])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                          72192.168.2.54982013.107.246.63443760C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:52 UTC192OUTGET /rules/rule120666v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:52 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:52 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 474
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:26:30 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BB3F48DAE"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: f3939d66-c01e-00ad-3d3c-3ca2b9000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121352Z-178bfbc474b7cbwqhC1NYC8z4n00000002vg0000000089wb
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:52 UTC474INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120666" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120665" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          73192.168.2.54981913.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:52 UTC192OUTGET /rules/rule120667v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:52 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:52 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 408
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:26:40 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BB9B6040B"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: ecab23c4-c01e-00ad-2963-3ba2b9000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121352Z-178bfbc474bbcwv4hC1NYCypys00000002t0000000008cbs
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:52 UTC408INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 51 71 5d 5b 45 65 5d 5b 4d 6d 5d 5b 55 75 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120667" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120665" /> <SR T="2" R="^([Qq][Ee][Mm][Uu])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          74192.168.2.54982213.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:54 UTC192OUTGET /rules/rule120668v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:54 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:54 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 469
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:26:30 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BB3CAEBB8"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: a6c16221-901e-002a-0257-3c7a27000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121354Z-15b8b599d88l2dpthC1TEBmzr0000000018000000000fh5s
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:54 UTC469INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120668" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120667" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          75192.168.2.54982613.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:54 UTC192OUTGET /rules/rule120672v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:55 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:54 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 475
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:26:41 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BBA740822"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 5c8e7bca-d01e-0049-4f4b-3ce7dc000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121354Z-15b8b599d88vp97chC1TEB5pzw00000001d0000000006yxd
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:55 UTC475INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120672" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120671" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          76192.168.2.54982313.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:54 UTC192OUTGET /rules/rule120669v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:55 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:54 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 416
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:26:32 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BB5284CCE"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 93d7ba64-801e-002a-7fce-3b31dc000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121354Z-15b8b599d882hxlwhC1TEBfa5w000000016g00000000dmys
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:55 UTC416INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 52 72 5d 5b 45 65 5d 5b 44 64 5d 20 5b 48 68 5d 5b 41 61 5d 5b 54 74 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120669" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120667" /> <SR T="2" R="([Rr][Ee][Dd] [Hh][Aa][Tt])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tr


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          77192.168.2.54982413.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:54 UTC192OUTGET /rules/rule120670v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:55 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:54 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 472
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:25:33 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582B91EAD002"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: e2ff131b-f01e-0085-7676-3b88ea000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121354Z-174c587ffdf6b487hC1TEBydsn00000001e0000000001rny
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:55 UTC472INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120670" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120669" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          78192.168.2.54982513.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:54 UTC192OUTGET /rules/rule120671v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:55 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:55 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 432
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:26:15 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BAABA2A10"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 23cbbb45-601e-0084-4e3d-3c6b3f000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121355Z-178bfbc474bnwsh4hC1NYC2ubs000000033g000000001ze0
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:55 UTC432INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 53 73 5d 5b 55 75 5d 5b 50 70 5d 5b 45 65 5d 5b 52 72 5d 5b 4d 6d 5d 5b 49 69 5d 5b 43 63 5d 5b 52 72 5d 5b 4f 6f 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120671" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120669" /> <SR T="2" R="^([Ss][Uu][Pp][Ee][Rr][Mm][Ii][Cc][Rr][Oo])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          79192.168.2.54982813.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:56 UTC192OUTGET /rules/rule120673v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:57 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:56 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 427
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:26:31 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BB464F255"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 3d26e0c5-e01e-0020-6638-3cde90000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121356Z-178bfbc474bscnbchC1NYCe7eg000000035g000000002z70
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:57 UTC427INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 54 74 5d 5b 48 68 5d 5b 49 69 5d 5b 4e 6e 5d 5b 50 70 5d 5b 55 75 5d 5b 54 74 5d 5b 45 65 5d 5b 52 72 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120673" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120671" /> <SR T="2" R="([Tt][Hh][Ii][Nn][Pp][Uu][Tt][Ee][Rr])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          80192.168.2.54982913.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:56 UTC192OUTGET /rules/rule120674v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:57 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:57 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 474
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:26:03 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BA4037B0D"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 9a395038-201e-0071-807e-3bff15000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121357Z-174c587ffdf4zw2thC1TEBu34000000001c000000000hqn7
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:57 UTC474INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120674" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120673" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          81192.168.2.54983213.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:56 UTC192OUTGET /rules/rule120677v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:57 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:57 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 405
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:25:37 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582B942B6AFF"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: c9b33041-e01e-0033-176b-3b4695000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121357Z-178bfbc474bnwsh4hC1NYC2ubs00000002x000000000faat
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:57 UTC405INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5e 5b 58 78 5d 5b 45 65 5d 5b 4e 6e 5d 24 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120677" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120675" /> <SR T="2" R="(^[Xx][Ee][Nn]$)"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          82192.168.2.54983113.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:57 UTC192OUTGET /rules/rule120676v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:57 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:57 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 472
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582B984BF177"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 00c17fdd-701e-000d-2f70-3c6de3000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121357Z-174c587ffdf89smkhC1TEB697s00000001kg000000001xx3
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:57 UTC472INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120676" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120675" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          83192.168.2.54983013.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:57 UTC192OUTGET /rules/rule120675v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:57 UTC491INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:57 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 419
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:26:08 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BA6CF78C8"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 38897bff-401e-000a-368c-3a4a7b000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121357Z-174c587ffdfmrvb9hC1TEBtn3800000001eg000000006yky
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:57 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 55 75 5d 5b 50 70 5d 5b 43 63 5d 5b 4c 6c 5d 5b 4f 6f 5d 5b 55 75 5d 5b 44 64 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120675" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120673" /> <SR T="2" R="([Uu][Pp][Cc][Ll][Oo][Uu][Dd])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          84192.168.2.54983413.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:58 UTC192OUTGET /rules/rule120678v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:59 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:59 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 468
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:26:41 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BBA642BF4"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 1e58b78d-401e-0029-678d-3b9b43000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121359Z-174c587ffdf8lw6dhC1TEBkgs8000000019g00000000gsza
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:59 UTC468INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120678" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120677" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          85192.168.2.54983613.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:59 UTC192OUTGET /rules/rule120680v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:59 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:59 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 1952
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:25:39 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582B956B0F3D"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 8176cca2-201e-0003-2c64-3bf85a000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121359Z-178bfbc474bh5zbqhC1NYCkdug00000002wg0000000070pt
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:59 UTC1952INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 38 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 44 43 61 3d 22 50 53 55 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 53 53 20 54 3d 22 31 22 20 47 3d 22 7b 62 31 36 37 36 61 63 33 2d 37 66 65 65 2d 34 34 61 39 2d 39 61 30 65 2d 64 62 62 30 62 34 39 36 65 66 61 35 7d 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 32 22 20 52 3d 22 31 32 30 36 38 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 33 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 4c 54 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120680" V="0" DC="SM" T="Subrule" DCa="PSU" xmlns=""> <S> <SS T="1" G="{b1676ac3-7fee-44a9-9a0e-dbb0b496efa5}" /> <R T="2" R="120682" /> <F T="3"> <O T="LT"> <L>


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          86192.168.2.54983813.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:59 UTC192OUTGET /rules/rule120682v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:59 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:59 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 501
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:26:18 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BACFDAACD"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: b5a95b30-c01e-002b-0632-3c6e00000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121359Z-178bfbc474bpscmfhC1NYCfc2c00000001eg00000000e7h0
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:59 UTC501INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 38 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 44 43 61 3d 22 50 53 55 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 41 20 54 3d 22 31 22 20 45 3d 22 54 65 6c 65 6d 65 74 72 79 53 74 61 72 74 75 70 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 32 22 20 52 3d 22 31 32 30 31 30 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 53 20 54 3d 22 33 22 20 47 3d 22 7b 62 31 36 37 36 61 63 33 2d 37 66 65 65 2d 34 34 61 39 2d 39 61 30 65 2d 64 62 62 30 62 34 39 36 65 66 61 35 7d 22 20 2f 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120682" V="0" DC="SM" T="Subrule" DCa="PSU" xmlns=""> <S> <A T="1" E="TelemetryStartup" /> <R T="2" R="120100" /> <SS T="3" G="{b1676ac3-7fee-44a9-9a0e-dbb0b496efa5}" /> </S> <C T="


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          87192.168.2.54983713.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:59 UTC192OUTGET /rules/rule120681v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:59 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:59 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 958
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:25:58 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BA0A31B3B"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: a3dd353e-a01e-0032-2c4e-3c1949000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121359Z-178bfbc474brk967hC1NYCfu6000000002qg00000000b901
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:59 UTC958INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 38 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 44 43 61 3d 22 50 53 55 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 38 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 32 22 20 52 3d 22 31 32 30 36 38 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 33 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120681" V="0" DC="SM" T="Subrule" DCa="PSU" xmlns=""> <S> <R T="1" R="120608" /> <R T="2" R="120680" /> <TH T="3"> <O T="AND"> <L> <O T="EQ"> <L>


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          88192.168.2.54983513.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:59 UTC192OUTGET /rules/rule120679v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:59 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:13:59 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 174
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:25:33 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582B91D80E15"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 6f884587-b01e-0001-3155-3c46e2000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121359Z-15b8b599d889fz52hC1TEB59as00000001g000000000100y
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:59 UTC174INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 37 22 20 2f 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 54 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 31 22 20 2f 3e 0d 0a 20 20 3c 2f 54 3e 0d 0a 3c 2f 52 3e
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120679" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120677" /> </S> <T> <S T="1" /> </T></R>


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                          89192.168.2.54983920.190.147.11443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:59 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Content-Type: application/soap+xml
                                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                                                                                                                                                                                                                          Content-Length: 3592
                                                                                                                                                                                                                                                                                                          Host: login.live.com
                                                                                                                                                                                                                                                                                                          2024-11-22 12:13:59 UTC3592OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:01 UTC569INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache
                                                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                                                          Content-Type: application/soap+xml; charset=utf-8
                                                                                                                                                                                                                                                                                                          Expires: Fri, 22 Nov 2024 12:13:00 GMT
                                                                                                                                                                                                                                                                                                          P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                                                                                                                                                                                                                          Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                                                                                          x-ms-route-info: C516_BAY
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 10833eca-2a2e-4aa5-a7dd-0d91c3f796df
                                                                                                                                                                                                                                                                                                          PPServer: PPV: 30 H: PH1PEPF00011EF7 V: 0
                                                                                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                          Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:14:00 GMT
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Content-Length: 11389
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:01 UTC11389INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                          90192.168.2.54984120.12.23.50443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:00 UTC306OUTGET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=5SDM6BUbS8a9zeP&MD=psOvlA2P HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                                          User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33
                                                                                                                                                                                                                                                                                                          Host: slscr.update.microsoft.com
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:01 UTC560INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                                                          Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                                                          Expires: -1
                                                                                                                                                                                                                                                                                                          Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT
                                                                                                                                                                                                                                                                                                          ETag: "vic+p1MiJJ+/WMnK08jaWnCBGDfvkGRzPk9f8ZadQHg=_1440"
                                                                                                                                                                                                                                                                                                          MS-CorrelationId: ec415226-def7-4bc3-840d-afecd886b5ea
                                                                                                                                                                                                                                                                                                          MS-RequestId: 7b6a9469-948b-4df9-bfcb-587bcc7df7bb
                                                                                                                                                                                                                                                                                                          MS-CV: f90BjOJFoE2G5Bo1.0
                                                                                                                                                                                                                                                                                                          X-Microsoft-SLSClientCache: 1440
                                                                                                                                                                                                                                                                                                          Content-Disposition: attachment; filename=environment.cab
                                                                                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:14:00 GMT
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Content-Length: 30005
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:01 UTC15824INData Raw: 4d 53 43 46 00 00 00 00 8d 2b 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 5b 49 00 00 14 00 00 00 00 00 10 00 8d 2b 00 00 a8 49 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 72 4d 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 fe f6 51 be 21 2b 72 4d 43 4b ed 7c 05 58 54 eb da f6 14 43 49 37 0a 02 d2 b9 86 0e 41 52 a4 1b 24 a5 bb 43 24 44 18 94 90 92 52 41 3a 05 09 95 ee 54 b0 00 91 2e e9 12 10 04 11 c9 6f 10 b7 a2 67 9f bd cf 3e ff b7 ff b3 bf 73 ed e1 9a 99 f5 c6 7a d7 bb de f5 3e cf fd 3c f7 dc 17 4a 1a 52 e7 41 a8 97 1e 14 f4 e5 25 7d f4 05 82 82 c1 20 30 08 06 ba c3 05 02 11 7f a9 c1 ff d2 87 5c 1e f4 ed 65 8e 7a 1f f6 0a 40 03 1d 7b f9 83 2c 1c 2f db b8 3a 39 3a 58 38 ba 73 5e
                                                                                                                                                                                                                                                                                                          Data Ascii: MSCF+D[I+IdrMenvironment.cabQ!+rMCK|XTCI7AR$C$DRA:T.og>sz><JRA%} 0\ez@{,/:9:X8s^
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:01 UTC14181INData Raw: 06 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55 04 08 13 0a 57 61 73 68 69 6e 67 74 6f 6e 31 10 30 0e 06 03 55 04 07 13 07 52 65 64 6d 6f 6e 64 31 1e 30 1c 06 03 55 04 0a 13 15 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 26 30 24 06 03 55 04 03 13 1d 4d 69 63 72 6f 73 6f 66 74 20 54 69 6d 65 2d 53 74 61 6d 70 20 50 43 41 20 32 30 31 30 30 1e 17 0d 32 33 31 30 31 32 31 39 30 37 32 35 5a 17 0d 32 35 30 31 31 30 31 39 30 37 32 35 5a 30 81 d2 31 0b 30 09 06 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55 04 08 13 0a 57 61 73 68 69 6e 67 74 6f 6e 31 10 30 0e 06 03 55 04 07 13 07 52 65 64 6d 6f 6e 64 31 1e 30 1c 06 03 55 04 0a 13 15 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 2d 30 2b 06 03 55 04 0b 13 24 4d 69 63 72 6f
                                                                                                                                                                                                                                                                                                          Data Ascii: UUS10UWashington10URedmond10UMicrosoft Corporation1&0$UMicrosoft Time-Stamp PCA 20100231012190725Z250110190725Z010UUS10UWashington10URedmond10UMicrosoft Corporation1-0+U$Micro


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          91192.168.2.54984213.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:01 UTC193OUTGET /rules/rule120602v10s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:01 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:14:01 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 2592
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:26:33 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BB5B890DB"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: fa8f60f6-901e-0083-3159-3cbb55000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121401Z-15b8b599d88cn5thhC1TEBqxkn00000001bg0000000045sb
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:01 UTC2592INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 32 22 20 56 3d 22 31 30 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 53 79 73 74 65 6d 48 65 61 6c 74 68 4d 65 74 61 64 61 74 61 41 70 70 6c 69 63 61 74 69 6f 6e 41 6e 64 4c 61 6e 67 75 61 67 65 22 20 41 54 54 3d 22 63 64 38 33 36 36 32 36 36 31 31 63 34 63 61 61 61 38 66 63 35 62 32 65 37 32 38 65 65 38 31 64 2d 33 62 36 64 36 63 34 35 2d 36 33 37 37 2d 34 62 66 35 2d 39 37 39 32 2d 64 62 66 38 65 31 38 38 31 30 38 38 2d 37 35 32 31 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 44 43 61 3d
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120602" V="10" DC="SM" EN="Office.System.SystemHealthMetadataApplicationAndLanguage" ATT="cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521" SP="CriticalBusinessImpact" DL="A" DCa=


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          92192.168.2.54984313.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:01 UTC192OUTGET /rules/rule120601v3s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:01 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:14:01 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 3342
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:25:34 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582B927E47E9"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: abaf503b-901e-0064-2b47-3ce8a6000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121401Z-178bfbc474bv7whqhC1NYC1fg400000002y0000000009gm4
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:01 UTC3342INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 31 22 20 56 3d 22 33 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 53 79 73 74 65 6d 48 65 61 6c 74 68 4d 65 74 61 64 61 74 61 4f 53 22 20 41 54 54 3d 22 63 64 38 33 36 36 32 36 36 31 31 63 34 63 61 61 61 38 66 63 35 62 32 65 37 32 38 65 65 38 31 64 2d 33 62 36 64 36 63 34 35 2d 36 33 37 37 2d 34 62 66 35 2d 39 37 39 32 2d 64 62 66 38 65 31 38 38 31 30 38 38 2d 37 35 32 31 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 44 43 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120601" V="3" DC="SM" EN="Office.System.SystemHealthMetadataOS" ATT="cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521" SP="CriticalBusinessImpact" DL="A" DCa="DC" xmlns=""> <RI


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          93192.168.2.54984413.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:01 UTC193OUTGET /rules/rule224901v11s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:02 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:14:01 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 2284
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:27:13 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BCD58BEEE"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: d35eb2be-501e-0064-3d8c-3a1f54000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121401Z-178bfbc474bwlrhlhC1NYCy3kg000000030g000000003qcz
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:02 UTC2284INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 32 32 34 39 30 31 22 20 56 3d 22 31 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 4c 69 63 65 6e 73 69 6e 67 2e 4f 66 66 69 63 65 43 6c 69 65 6e 74 4c 69 63 65 6e 73 69 6e 67 2e 44 6f 4c 69 63 65 6e 73 65 56 61 6c 69 64 61 74 69 6f 6e 22 20 41 54 54 3d 22 63 31 61 30 64 62 30 31 32 37 39 36 34 36 37 34 61 30 64 36 32 66 64 65 35 61 62 30 66 65 36 32 2d 36 65 63 34 61 63 34 35 2d 63 65 62 63 2d 34 66 38 30 2d 61 61 38 33 2d 62 36 62 39 64 33 61 38 36 65 64 37 2d 37 37 31 39 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 43 65 6e 73 75 73 22 20 54 3d 22 55 70 6c 6f 61 64 2d 4d 65 64 69 75 6d 22
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="224901" V="11" DC="SM" EN="Office.Licensing.OfficeClientLicensing.DoLicenseValidation" ATT="c1a0db0127964674a0d62fde5ab0fe62-6ec4ac45-cebc-4f80-aa83-b6b9d3a86ed7-7719" SP="CriticalCensus" T="Upload-Medium"


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          94192.168.2.54984513.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:01 UTC192OUTGET /rules/rule701200v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:02 UTC515INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:14:01 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 1356
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:27:38 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BDC681E17"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: c1a1f15b-901e-005b-358c-3a2005000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121401Z-174c587ffdftv9hphC1TEBm29w00000001ag000000009h1p
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:02 UTC1356INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 32 30 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 58 61 6d 6c 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 58 61 6d 6c 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701200" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Xaml" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenXaml" S="Medium" /> <F T="2">


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          95192.168.2.54984613.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:01 UTC192OUTGET /rules/rule701201v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:02 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:14:01 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 1393
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:27:51 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BE3E55B6E"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: d2879cce-801e-0047-5869-3b7265000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121401Z-178bfbc474bh5zbqhC1NYCkdug00000002wg0000000070uy
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:02 UTC1393INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 32 30 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 58 61 6d 6c 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 58 61 6d 6c 22
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701201" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Xaml.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenXaml"


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                          96192.168.2.54984820.190.147.11443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:03 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Content-Type: application/soap+xml
                                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                                                                                                                                                                                                                          Content-Length: 3592
                                                                                                                                                                                                                                                                                                          Host: login.live.com
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:03 UTC3592OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:04 UTC569INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache
                                                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                                                          Content-Type: application/soap+xml; charset=utf-8
                                                                                                                                                                                                                                                                                                          Expires: Fri, 22 Nov 2024 12:13:03 GMT
                                                                                                                                                                                                                                                                                                          P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                                                                                                                                                                                                                          Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                                                                                          x-ms-route-info: C516_BAY
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 271168e8-b522-4129-8a99-8e04f3bad0c2
                                                                                                                                                                                                                                                                                                          PPServer: PPV: 30 H: PH1PEPF0001B847 V: 0
                                                                                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                          Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:14:03 GMT
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Content-Length: 11389
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:04 UTC11389INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          97192.168.2.54984913.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:03 UTC192OUTGET /rules/rule700201v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:03 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:14:03 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 1393
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:27:50 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BE39DFC9B"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 3994331f-f01e-0071-696c-3b431c000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121403Z-174c587ffdf89smkhC1TEB697s00000001g0000000007zyh
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:03 UTC1393INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 32 30 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 57 6f 72 64 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 57 6f 72 64 22
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700201" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Word.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenWord"


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          98192.168.2.54985313.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:04 UTC192OUTGET /rules/rule701251v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:04 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:14:04 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 1395
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:27:41 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BDE12A98D"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: cb31e276-601e-00ab-1151-3c66f4000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121404Z-178bfbc474bwlrhlhC1NYCy3kg00000002vg00000000em5a
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:04 UTC1395INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 32 35 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 56 69 73 69 6f 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 56 69 73 69
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701251" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Visio.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenVisi


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          99192.168.2.54985213.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:04 UTC192OUTGET /rules/rule702350v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:04 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:14:04 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 1358
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:27:54 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BE6431446"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: fde4123d-901e-00a0-613d-3c6a6d000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121404Z-178bfbc474bbbqrhhC1NYCvw74000000030000000000ehae
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:04 UTC1358INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 33 35 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 56 6f 69 63 65 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 56 6f 69 63 65 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702350" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Voice" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenVoice" S="Medium" /> <F T="2">


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          100192.168.2.54985013.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:04 UTC192OUTGET /rules/rule700200v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:04 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:14:04 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 1356
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:27:43 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BDF66E42D"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 297afce4-701e-0053-438c-3a3a0a000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121404Z-178bfbc474bvjk8shC1NYC83ns00000002r000000000cgrh
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:04 UTC1356INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 32 30 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 57 6f 72 64 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 57 6f 72 64 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700200" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Word" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenWord" S="Medium" /> <F T="2">


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          101192.168.2.54985113.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:04 UTC192OUTGET /rules/rule702351v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:04 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:14:04 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 1395
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:27:44 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BE017CAD3"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 1a87898e-001e-002b-2066-3b99f2000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121404Z-178bfbc474bv7whqhC1NYC1fg400000002xg00000000aeh9
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:04 UTC1395INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 33 35 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 56 6f 69 63 65 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 56 6f 69 63
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702351" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Voice.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenVoic


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          102192.168.2.54986413.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:06 UTC192OUTGET /rules/rule702951v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:06 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:14:06 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 1405
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:27:46 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BE12B5C71"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: b43d4aba-301e-0020-1845-3c6299000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121406Z-174c587ffdf8lw6dhC1TEBkgs800000001d0000000009bwy
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:06 UTC1405INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 39 35 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 54 72 61 6e 73 6c 61 74 6f 72 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702951" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Translator.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantToke


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          103192.168.2.54986613.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:06 UTC192OUTGET /rules/rule702950v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:06 UTC515INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:14:06 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 1368
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:27:40 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BDDC22447"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 008b0be1-f01e-001f-587c-3b5dc8000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121406Z-174c587ffdfb74xqhC1TEBhabc00000001g0000000002kub
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:06 UTC1368INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 39 35 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 54 72 61 6e 73 6c 61 74 6f 72 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 54 72 61 6e 73 6c 61 74 6f 72 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702950" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Translator" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenTranslator" S="Medium" /> <F T=


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          104192.168.2.54986213.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:06 UTC192OUTGET /rules/rule701250v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:06 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:14:06 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 1358
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:27:44 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BE022ECC5"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 16dd49bc-d01e-0066-804e-3cea17000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121406Z-178bfbc474bfw4gbhC1NYCunf400000002y0000000009a89
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:06 UTC1358INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 32 35 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 56 69 73 69 6f 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 56 69 73 69 6f 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701250" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Visio" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenVisio" S="Medium" /> <F T="2">


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          105192.168.2.54986313.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:06 UTC192OUTGET /rules/rule700051v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:06 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:14:06 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 1389
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:27:46 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BE10A6BC1"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 11574f01-801e-0067-6559-3cfe30000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121406Z-174c587ffdfb485jhC1TEBmc1s000000017g000000009e67
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:06 UTC1389INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 30 35 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 55 58 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 55 58 22 20 53 3d 22
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700051" V="1" DC="SM" EN="Office.Telemetry.Event.Office.UX.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenUX" S="


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          106192.168.2.54986513.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:06 UTC192OUTGET /rules/rule700050v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:06 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:14:06 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 1352
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:28:01 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BE9DEEE28"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: d85dbe48-801e-0067-109a-3bfe30000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121406Z-15b8b599d88f9wfchC1TEBm2kc00000001gg000000008wp1
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:06 UTC1352INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 30 35 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 55 58 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 55 58 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700050" V="1" DC="SM" EN="Office.Telemetry.Event.Office.UX" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenUX" S="Medium" /> <F T="2"> <O T


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                          107192.168.2.54986720.190.147.11443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:06 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Content-Type: application/soap+xml
                                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                                                                                                                                                                                                                          Content-Length: 4775
                                                                                                                                                                                                                                                                                                          Host: login.live.com
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:06 UTC4775OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:07 UTC568INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache
                                                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                                                          Content-Type: application/soap+xml; charset=utf-8
                                                                                                                                                                                                                                                                                                          Expires: Fri, 22 Nov 2024 12:13:07 GMT
                                                                                                                                                                                                                                                                                                          P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                                                                                                                                                                                                                          Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                                                                                          x-ms-route-info: C555_BL2
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 5687b802-8177-4681-bcf7-672be3f82482
                                                                                                                                                                                                                                                                                                          PPServer: PPV: 30 H: BL02EPF0001D889 V: 0
                                                                                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                          Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:14:06 GMT
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Content-Length: 1918
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:07 UTC1918INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          108192.168.2.54987013.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:08 UTC192OUTGET /rules/rule701150v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:09 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:14:08 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 1364
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:27:46 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BE1223606"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 45806a8e-701e-003e-807c-3b79b3000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121408Z-174c587ffdftjz9shC1TEBsh980000000190000000007vgg
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:09 UTC1364INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 31 35 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 54 65 78 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 54 65 78 74 41 6e 64 46 6f 6e 74 73 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701150" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Text" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenTextAndFonts" S="Medium" /> <F T="2">


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          109192.168.2.54987113.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:08 UTC192OUTGET /rules/rule702201v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:09 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:14:08 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 1397
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:27:56 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BE7262739"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 9aa8fa60-a01e-001e-5131-3c49ef000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121408Z-178bfbc474bh5zbqhC1NYCkdug00000002zg0000000005dg
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:09 UTC1397INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 32 30 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 54 65 6c 6c 4d 65 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 54 65 6c
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702201" V="1" DC="SM" EN="Office.Telemetry.Event.Office.TellMe.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenTel


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          110192.168.2.54987313.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:08 UTC192OUTGET /rules/rule700401v2s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:09 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:14:09 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 1403
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:27:38 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BDCB4853F"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: eb1e057a-b01e-0097-688c-3a4f33000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121409Z-178bfbc474bbbqrhhC1NYCvw74000000030g00000000crp4
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:09 UTC1403INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 34 30 31 22 20 56 3d 22 32 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700401" V="2" DC="SM" EN="Office.Telemetry.Event.Office.Telemetry.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantToken


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          111192.168.2.54986913.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:08 UTC192OUTGET /rules/rule701151v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:09 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:14:09 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 1401
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:27:45 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BE055B528"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 07391f24-a01e-0032-508c-3a1949000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121409Z-178bfbc474bv587zhC1NYCny5w00000002r000000000gfk7
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:09 UTC1401INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 31 35 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 54 65 78 74 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 54 65 78 74 41
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701151" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Text.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenTextA


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          112192.168.2.54987213.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:08 UTC192OUTGET /rules/rule702200v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:09 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:14:09 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 1360
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:27:40 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BDDEB5124"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: b47886c8-201e-00aa-0c8c-3a3928000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121409Z-178bfbc474b9fdhphC1NYCac0n00000002z0000000001us5
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:09 UTC1360INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 32 30 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 54 65 6c 6c 4d 65 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 54 65 6c 6c 4d 65 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a 20 20
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702200" V="1" DC="SM" EN="Office.Telemetry.Event.Office.TellMe" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenTellMe" S="Medium" /> <F T="2">


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                          113192.168.2.54987520.190.147.11443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:09 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Content-Type: application/soap+xml
                                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                                                                                                                                                                                                                          Content-Length: 4775
                                                                                                                                                                                                                                                                                                          Host: login.live.com
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:09 UTC4775OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:10 UTC568INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache
                                                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                                                          Content-Type: application/soap+xml; charset=utf-8
                                                                                                                                                                                                                                                                                                          Expires: Fri, 22 Nov 2024 12:13:10 GMT
                                                                                                                                                                                                                                                                                                          P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                                                                                                                                                                                                                          Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                                                                                          x-ms-route-info: C555_BAY
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 129afe5e-c6aa-4d20-9353-cb7a0a28e83f
                                                                                                                                                                                                                                                                                                          PPServer: PPV: 30 H: PH1PEPF00011F59 V: 0
                                                                                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                          Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:14:09 GMT
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Content-Length: 1918
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:10 UTC1918INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                          114192.168.2.54987420.190.147.11443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:09 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Content-Type: application/soap+xml
                                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                                                                                                                                                                                                                          Content-Length: 4775
                                                                                                                                                                                                                                                                                                          Host: login.live.com
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:09 UTC4775OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:10 UTC569INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache
                                                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                                                          Content-Type: application/soap+xml; charset=utf-8
                                                                                                                                                                                                                                                                                                          Expires: Fri, 22 Nov 2024 12:13:10 GMT
                                                                                                                                                                                                                                                                                                          P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                                                                                                                                                                                                                          Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                                                                                          x-ms-route-info: C516_SN1
                                                                                                                                                                                                                                                                                                          x-ms-request-id: d4e1f366-c3d0-42ce-9072-95b2b007a478
                                                                                                                                                                                                                                                                                                          PPServer: PPV: 30 H: SN1PEPF0002F166 V: 0
                                                                                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                          Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:14:09 GMT
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Content-Length: 11409
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:10 UTC11409INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          115192.168.2.54987713.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:10 UTC192OUTGET /rules/rule700400v2s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:11 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:14:11 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 1366
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:27:36 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BDB779FC3"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 48f36a6e-501e-0047-4f4c-3cce6c000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121411Z-15b8b599d88tr2flhC1TEB5gk400000001gg000000008s0m
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:11 UTC1366INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 34 30 30 22 20 56 3d 22 32 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 54 65 6c 65 6d 65 74 72 79 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700400" V="2" DC="SM" EN="Office.Telemetry.Event.Office.Telemetry" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenTelemetry" S="Medium" /> <F T="2


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          116192.168.2.54987813.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:11 UTC192OUTGET /rules/rule700351v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:11 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:14:11 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 1397
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:27:44 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BDFD43C07"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: af8656a8-801e-00a0-672a-3c2196000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121411Z-178bfbc474bnwsh4hC1NYC2ubs00000002yg00000000c3m0
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:11 UTC1397INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 33 35 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 53 79 73
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700351" V="1" DC="SM" EN="Office.Telemetry.Event.Office.System.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenSys


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          117192.168.2.54987913.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:11 UTC192OUTGET /rules/rule700350v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:11 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:14:11 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 1360
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:27:40 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BDD74D2EC"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 2537bc41-601e-0050-496a-3c2c9c000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121411Z-174c587ffdfmlsmvhC1TEBvyks00000001eg00000000gbm6
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:11 UTC1360INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 33 35 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 53 79 73 74 65 6d 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a 20 20
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700350" V="1" DC="SM" EN="Office.Telemetry.Event.Office.System" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenSystem" S="Medium" /> <F T="2">


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          118192.168.2.54988013.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:11 UTC192OUTGET /rules/rule703901v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:11 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:14:11 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 1427
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:27:53 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BE56F6873"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: ee240466-601e-00ab-24f2-3a66f4000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121411Z-178bfbc474btrnf9hC1NYCb80g000000032000000000axc7
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:11 UTC1427INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 33 39 30 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 65 72 76 69 63 65 61 62 69 6c 69 74 79 4d 61 6e 61 67 65 72 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="703901" V="0" DC="SM" EN="Office.Telemetry.Event.Office.ServiceabilityManager.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="Nexu


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          119192.168.2.54988113.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:11 UTC192OUTGET /rules/rule703900v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:11 UTC515INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:14:11 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 1390
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:27:49 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BE3002601"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 3cbcbade-201e-0000-6443-3ca537000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121411Z-178bfbc474bv7whqhC1NYC1fg400000002y0000000009h3u
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:11 UTC1390INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 33 39 30 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 65 72 76 69 63 65 61 62 69 6c 69 74 79 4d 61 6e 61 67 65 72 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 53 65 72 76 69 63 65 61 62 69 6c 69 74 79 4d 61 6e 61 67 65 72 22 20 53 3d
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="703900" V="0" DC="SM" EN="Office.Telemetry.Event.Office.ServiceabilityManager" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenServiceabilityManager" S=


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                          120192.168.2.549897162.159.61.34434744C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:13 UTC245OUTPOST /dns-query HTTP/1.1
                                                                                                                                                                                                                                                                                                          Host: chrome.cloudflare-dns.com
                                                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                                                          Content-Length: 128
                                                                                                                                                                                                                                                                                                          Accept: application/dns-message
                                                                                                                                                                                                                                                                                                          Accept-Language: *
                                                                                                                                                                                                                                                                                                          User-Agent: Chrome
                                                                                                                                                                                                                                                                                                          Accept-Encoding: identity
                                                                                                                                                                                                                                                                                                          Content-Type: application/dns-message
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:13 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 54 00 0c 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                                          Data Ascii: wwwgstaticcom)TP
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:14 UTC247INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:14:14 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: application/dns-message
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                          Content-Length: 468
                                                                                                                                                                                                                                                                                                          CF-RAY: 8e68d68a78b57cea-EWR
                                                                                                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:14 UTC468INData Raw: 00 00 81 80 00 01 00 01 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 c0 0c 00 01 00 01 00 00 01 1a 00 04 8e fb 20 63 00 00 29 04 d0 00 00 00 00 01 98 00 0c 01 94 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                                          Data Ascii: wwwgstaticcom c)


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                          121192.168.2.549896172.64.41.34434744C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:13 UTC245OUTPOST /dns-query HTTP/1.1
                                                                                                                                                                                                                                                                                                          Host: chrome.cloudflare-dns.com
                                                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                                                          Content-Length: 128
                                                                                                                                                                                                                                                                                                          Accept: application/dns-message
                                                                                                                                                                                                                                                                                                          Accept-Language: *
                                                                                                                                                                                                                                                                                                          User-Agent: Chrome
                                                                                                                                                                                                                                                                                                          Accept-Encoding: identity
                                                                                                                                                                                                                                                                                                          Content-Type: application/dns-message
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:13 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 54 00 0c 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                                          Data Ascii: wwwgstaticcom)TP
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:14 UTC247INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:14:14 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: application/dns-message
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                          Content-Length: 468
                                                                                                                                                                                                                                                                                                          CF-RAY: 8e68d68acf978c6f-EWR
                                                                                                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:14 UTC468INData Raw: 00 00 81 80 00 01 00 01 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 c0 0c 00 01 00 01 00 00 00 a5 00 04 8e fb 23 a3 00 00 29 04 d0 00 00 00 00 01 98 00 0c 01 94 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                                          Data Ascii: wwwgstaticcom#)


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                          122192.168.2.549898162.159.61.34434744C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:13 UTC245OUTPOST /dns-query HTTP/1.1
                                                                                                                                                                                                                                                                                                          Host: chrome.cloudflare-dns.com
                                                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                                                          Content-Length: 128
                                                                                                                                                                                                                                                                                                          Accept: application/dns-message
                                                                                                                                                                                                                                                                                                          Accept-Language: *
                                                                                                                                                                                                                                                                                                          User-Agent: Chrome
                                                                                                                                                                                                                                                                                                          Accept-Encoding: identity
                                                                                                                                                                                                                                                                                                          Content-Type: application/dns-message
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:13 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 54 00 0c 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                                          Data Ascii: wwwgstaticcom)TP
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:14 UTC247INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:14:14 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: application/dns-message
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                          Content-Length: 468
                                                                                                                                                                                                                                                                                                          CF-RAY: 8e68d68b3b9741de-EWR
                                                                                                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:14 UTC468INData Raw: 00 00 81 80 00 01 00 01 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 c0 0c 00 01 00 01 00 00 01 27 00 04 8e fa 51 e3 00 00 29 04 d0 00 00 00 00 01 98 00 0c 01 94 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                                          Data Ascii: wwwgstaticcom'Q)


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                          123192.168.2.54989213.107.246.634436764C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:14 UTC192OUTGET /rules/rule701501v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:14 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:14:14 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 1401
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:27:48 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BE2A9D541"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 2155ac17-401e-00a3-238c-3a8b09000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121414Z-174c587ffdfmrvb9hC1TEBtn3800000001gg000000001abh
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:14 UTC1401INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 35 30 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 65 63 75 72 69 74 79 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 53
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701501" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Security.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenS


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          124192.168.2.54989313.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:14 UTC192OUTGET /rules/rule702800v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:14 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:14:14 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 1354
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:27:45 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BE0662D7C"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 119e228c-001e-0046-1663-3bda4b000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121414Z-178bfbc474bh5zbqhC1NYCkdug00000002x0000000006exb
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:14 UTC1354INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 38 30 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 44 58 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 53 44 58 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702800" V="1" DC="SM" EN="Office.Telemetry.Event.Office.SDX" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenSDX" S="Medium" /> <F T="2"> <O


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                          125192.168.2.54989420.190.147.11443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:14 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Content-Type: application/soap+xml
                                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                                                                                                                                                                                                                          Content-Length: 4775
                                                                                                                                                                                                                                                                                                          Host: login.live.com
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:14 UTC4775OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:14 UTC569INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache
                                                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                                                          Content-Type: application/soap+xml; charset=utf-8
                                                                                                                                                                                                                                                                                                          Expires: Fri, 22 Nov 2024 12:13:14 GMT
                                                                                                                                                                                                                                                                                                          P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                                                                                                                                                                                                                          Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                                                                                          x-ms-route-info: C516_SN1
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 57eb141c-6198-4c18-885b-18fbdcf7fb76
                                                                                                                                                                                                                                                                                                          PPServer: PPV: 30 H: SN1PEPF0002F037 V: 0
                                                                                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                          Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:14:14 GMT
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Content-Length: 11409
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:14 UTC11409INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          126192.168.2.54988913.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:14 UTC192OUTGET /rules/rule701500v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:14 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:14:14 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 1364
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:28:03 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BEB6AD293"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: c7391ddf-401e-0064-3568-3b54af000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121414Z-178bfbc474brk967hC1NYCfu6000000002p000000000d5ep
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:14 UTC1364INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 35 30 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 65 63 75 72 69 74 79 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 53 65 63 75 72 69 74 79 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701500" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Security" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenSecurity" S="Medium" /> <F T="2">


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          127192.168.2.54989113.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:14 UTC192OUTGET /rules/rule703351v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:14 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:14:14 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 1403
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:27:39 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BDCDD6400"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: e8f84e55-c01e-0079-2269-3be51a000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121414Z-178bfbc474bmqmgjhC1NYCy16c000000034g0000000002as
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:14 UTC1403INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 33 33 35 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 63 72 69 70 74 4c 61 62 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="703351" V="0" DC="SM" EN="Office.Telemetry.Event.Office.ScriptLab.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantToken


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          128192.168.2.54989013.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:14 UTC192OUTGET /rules/rule702801v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:14 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:14:14 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 1391
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:27:43 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BDF58DC7E"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 23c3770b-601e-0084-293a-3c6b3f000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121414Z-178bfbc474btvfdfhC1NYCa2en0000000320000000005f34
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:14 UTC1391INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 38 30 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 44 58 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 53 44 58 22 20 53
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702801" V="1" DC="SM" EN="Office.Telemetry.Event.Office.SDX.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenSDX" S


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                          129192.168.2.549903162.159.61.34434744C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:14 UTC245OUTPOST /dns-query HTTP/1.1
                                                                                                                                                                                                                                                                                                          Host: chrome.cloudflare-dns.com
                                                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                                                          Content-Length: 128
                                                                                                                                                                                                                                                                                                          Accept: application/dns-message
                                                                                                                                                                                                                                                                                                          Accept-Language: *
                                                                                                                                                                                                                                                                                                          User-Agent: Chrome
                                                                                                                                                                                                                                                                                                          Accept-Encoding: identity
                                                                                                                                                                                                                                                                                                          Content-Type: application/dns-message
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:14 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 54 00 0c 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                                          Data Ascii: wwwgstaticcom)TP


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                          130192.168.2.549904172.64.41.34434744C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:14 UTC245OUTPOST /dns-query HTTP/1.1
                                                                                                                                                                                                                                                                                                          Host: chrome.cloudflare-dns.com
                                                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                                                          Content-Length: 128
                                                                                                                                                                                                                                                                                                          Accept: application/dns-message
                                                                                                                                                                                                                                                                                                          Accept-Language: *
                                                                                                                                                                                                                                                                                                          User-Agent: Chrome
                                                                                                                                                                                                                                                                                                          Accept-Encoding: identity
                                                                                                                                                                                                                                                                                                          Content-Type: application/dns-message
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:14 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 54 00 0c 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                                          Data Ascii: wwwgstaticcom)TP


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          131192.168.2.54991413.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:16 UTC192OUTGET /rules/rule701801v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:17 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:14:16 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 1403
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:27:38 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BDC2EEE03"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 18ec886b-801e-0078-7044-3cbac6000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121416Z-178bfbc474bnwsh4hC1NYC2ubs00000002wg00000000gpdn
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:17 UTC1403INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 38 30 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 52 65 73 6f 75 72 63 65 73 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701801" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Resources.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantToken


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          132192.168.2.54991113.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:16 UTC192OUTGET /rules/rule703350v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:17 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:14:17 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 1366
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:27:42 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BDF1E2608"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 652d7de6-201e-0033-5d3c-3cb167000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121417Z-178bfbc474bxkclvhC1NYC69g400000002w0000000008c6z
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:17 UTC1366INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 33 33 35 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 63 72 69 70 74 4c 61 62 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 53 63 72 69 70 74 4c 61 62 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="703350" V="0" DC="SM" EN="Office.Telemetry.Event.Office.ScriptLab" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenScriptLab" S="Medium" /> <F T="2


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          133192.168.2.54991213.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:16 UTC192OUTGET /rules/rule703501v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:17 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:14:17 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 1399
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:27:59 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BE8C605FF"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 5c785bae-401e-0083-638c-3a075c000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121417Z-178bfbc474bv587zhC1NYCny5w00000002t000000000afet
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:17 UTC1399INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 33 35 30 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 61 6e 64 62 6f 78 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 53 61
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="703501" V="0" DC="SM" EN="Office.Telemetry.Event.Office.Sandbox.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenSa


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          134192.168.2.54991513.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:16 UTC192OUTGET /rules/rule701800v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:17 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:14:17 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 1366
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:28:01 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BEA414B16"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 25bf86e9-c01e-007a-2c4f-3cb877000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121417Z-15b8b599d889gj5whC1TEBfyk000000001a0000000003b4s
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:17 UTC1366INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 38 30 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 52 65 73 6f 75 72 63 65 73 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 52 65 73 6f 75 72 63 65 73 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701800" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Resources" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenResources" S="Medium" /> <F T="2


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          135192.168.2.54991313.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:16 UTC192OUTGET /rules/rule703500v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:17 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:14:17 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 1362
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:27:43 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BDF497570"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: cb4d723f-a01e-003d-7157-3c98d7000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121417Z-15b8b599d889fz52hC1TEB59as00000001f0000000003e34
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:17 UTC1362INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 33 35 30 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 61 6e 64 62 6f 78 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 53 61 6e 64 62 6f 78 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="703500" V="0" DC="SM" EN="Office.Telemetry.Event.Office.Sandbox" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenSandbox" S="Medium" /> <F T="2">


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                          136192.168.2.54991820.190.147.11443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:17 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Content-Type: application/soap+xml
                                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                                                                                                                                                                                                                          Content-Length: 4775
                                                                                                                                                                                                                                                                                                          Host: login.live.com
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:17 UTC4775OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:18 UTC569INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache
                                                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                                                          Content-Type: application/soap+xml; charset=utf-8
                                                                                                                                                                                                                                                                                                          Expires: Fri, 22 Nov 2024 12:13:17 GMT
                                                                                                                                                                                                                                                                                                          P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                                                                                                                                                                                                                          Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                                                                                          x-ms-route-info: C516_BAY
                                                                                                                                                                                                                                                                                                          x-ms-request-id: e2ec412d-02ea-4f57-9b0b-e33a6e3cacae
                                                                                                                                                                                                                                                                                                          PPServer: PPV: 30 H: PH1PEPF0001B844 V: 0
                                                                                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                          Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:14:16 GMT
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Content-Length: 11389
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:18 UTC11389INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                          137192.168.2.54993823.209.72.334434744C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:17 UTC627OUTGET /bundles/v1/edgeChromium/latest/vendors.7e27cca6027b8d6697cb.js HTTP/1.1
                                                                                                                                                                                                                                                                                                          Host: assets.msn.com
                                                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                                                          sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                          Origin: https://ntp.msn.com
                                                                                                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                                          Sec-Fetch-Site: same-site
                                                                                                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                          Sec-Fetch-Dest: script
                                                                                                                                                                                                                                                                                                          Referer: https://ntp.msn.com/
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                          Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:18 UTC1237INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Content-Type: application/javascript
                                                                                                                                                                                                                                                                                                          Content-MD5: 2o3TH2IeNXyf9OP87xu6FA==
                                                                                                                                                                                                                                                                                                          Last-Modified: Fri, 15 Nov 2024 22:31:11 GMT
                                                                                                                                                                                                                                                                                                          ETag: 0x8DD05C53565F83D
                                                                                                                                                                                                                                                                                                          Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 64e866d1-101e-0037-3246-3988b3000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2009-09-19
                                                                                                                                                                                                                                                                                                          x-ms-lease-status: unlocked
                                                                                                                                                                                                                                                                                                          x-ms-blob-type: BlockBlob
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:14:18 GMT
                                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Connection: Transfer-Encoding
                                                                                                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                                                          Akamai-Request-BC: [a=23.210.4.150,b=480449211,c=g,n=US_NJ_SECAUCUS,o=20940]
                                                                                                                                                                                                                                                                                                          Server-Timing: clientrtt; dur=2, clienttt; dur=0, origin; dur=0, cdntime; dur=0, wpo;dur=0,1s;dur=0
                                                                                                                                                                                                                                                                                                          Akamai-Cache-Status: Hit from child
                                                                                                                                                                                                                                                                                                          Akamai-Server-IP: 23.210.4.150
                                                                                                                                                                                                                                                                                                          Akamai-Request-ID: 1ca312bb
                                                                                                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://ntp.msn.com
                                                                                                                                                                                                                                                                                                          report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
                                                                                                                                                                                                                                                                                                          nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.1}
                                                                                                                                                                                                                                                                                                          Cache-Control: public, no-transform, max-age=31535892
                                                                                                                                                                                                                                                                                                          Timing-Allow-Origin: *
                                                                                                                                                                                                                                                                                                          Akamai-GRN: 0.9604d217.1732277658.1ca312bb
                                                                                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:18 UTC15147INData Raw: 30 30 30 30 36 30 30 30 0d 0a 2f 2a 21 20 46 6f 72 20 6c 69 63 65 6e 73 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 70 6c 65 61 73 65 20 73 65 65 20 76 65 6e 64 6f 72 73 2e 37 65 32 37 63 63 61 36 30 32 37 62 38 64 36 36 39 37 63 62 2e 6a 73 2e 4c 49 43 45 4e 53 45 2e 74 78 74 20 2a 2f 0a 28 73 65 6c 66 2e 65 64 67 65 43 68 72 6f 6d 69 75 6d 57 65 62 70 61 63 6b 43 68 75 6e 6b 73 3d 73 65 6c 66 2e 65 64 67 65 43 68 72 6f 6d 69 75 6d 57 65 62 70 61 63 6b 43 68 75 6e 6b 73 7c 7c 5b 5d 29 2e 70 75 73 68 28 5b 5b 22 76 65 6e 64 6f 72 73 22 5d 2c 7b 37 33 30 34 30 3a 66 75 6e 63 74 69 6f 6e 28 74 29 7b 66 75 6e 63 74 69 6f 6e 20 65 28 29 7b 7d 74 2e 65 78 70 6f 72 74 73 3d 65 2c 74 2e 65 78 70 6f 72 74 73 2e 48 74 74 70 73 41 67 65 6e 74 3d 65 7d 2c 31 33 30 31
                                                                                                                                                                                                                                                                                                          Data Ascii: 00006000/*! For license information please see vendors.7e27cca6027b8d6697cb.js.LICENSE.txt */(self.edgeChromiumWebpackChunks=self.edgeChromiumWebpackChunks||[]).push([["vendors"],{73040:function(t){function e(){}t.exports=e,t.exports.HttpsAgent=e},1301
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:18 UTC9441INData Raw: 6e 28 74 2c 65 29 7b 76 61 72 20 6e 3d 6e 65 77 20 52 65 67 45 78 70 28 22 5e 28 3f 3a 28 5c 5c 64 7b 34 7d 7c 5b 2b 2d 5d 5c 5c 64 7b 22 2b 28 34 2b 65 29 2b 22 7d 29 7c 28 5c 5c 64 7b 32 7d 7c 5b 2b 2d 5d 5c 5c 64 7b 22 2b 28 32 2b 65 29 2b 22 7d 29 24 29 22 29 2c 72 3d 74 2e 6d 61 74 63 68 28 6e 29 3b 69 66 28 21 72 29 72 65 74 75 72 6e 7b 79 65 61 72 3a 4e 61 4e 2c 72 65 73 74 44 61 74 65 53 74 72 69 6e 67 3a 22 22 7d 3b 76 61 72 20 69 3d 72 5b 31 5d 3f 70 61 72 73 65 49 6e 74 28 72 5b 31 5d 29 3a 6e 75 6c 6c 2c 6f 3d 72 5b 32 5d 3f 70 61 72 73 65 49 6e 74 28 72 5b 32 5d 29 3a 6e 75 6c 6c 3b 72 65 74 75 72 6e 7b 79 65 61 72 3a 6e 75 6c 6c 3d 3d 3d 6f 3f 69 3a 31 30 30 2a 6f 2c 72 65 73 74 44 61 74 65 53 74 72 69 6e 67 3a 74 2e 73 6c 69 63 65 28 28 72
                                                                                                                                                                                                                                                                                                          Data Ascii: n(t,e){var n=new RegExp("^(?:(\\d{4}|[+-]\\d{"+(4+e)+"})|(\\d{2}|[+-]\\d{"+(2+e)+"})$)"),r=t.match(n);if(!r)return{year:NaN,restDateString:""};var i=r[1]?parseInt(r[1]):null,o=r[2]?parseInt(r[2]):null;return{year:null===o?i:100*o,restDateString:t.slice((r
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:18 UTC16384INData Raw: 30 30 30 30 36 30 30 30 0d 0a 75 78 2f 22 29 7d 2c 61 3d 66 75 6e 63 74 69 6f 6e 28 74 2c 65 29 7b 72 65 74 75 72 6e 20 4f 62 6a 65 63 74 2e 6b 65 79 73 28 74 29 2e 66 6f 72 45 61 63 68 28 28 66 75 6e 63 74 69 6f 6e 28 6e 29 7b 72 65 74 75 72 6e 20 65 5b 6e 5d 3d 74 5b 6e 5d 7d 29 29 7d 2c 73 3d 66 75 6e 63 74 69 6f 6e 28 74 2c 65 29 7b 76 61 72 20 6e 3d 66 75 6e 63 74 69 6f 6e 20 6e 28 72 29 7b 69 66 28 65 28 72 29 29 7b 76 61 72 20 69 3d 74 28 72 29 3b 72 65 74 75 72 6e 20 61 28 74 2c 6e 29 2c 69 7d 72 65 74 75 72 6e 7b 7d 7d 3b 72 65 74 75 72 6e 20 61 28 74 2c 6e 29 2c 6e 7d 2c 66 3d 22 52 4f 4f 54 22 2c 6c 3d 22 4e 41 4d 45 53 50 41 43 45 5f 52 4f 4f 54 22 2c 76 3d 22 43 48 49 4c 44 22 2c 64 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 20
                                                                                                                                                                                                                                                                                                          Data Ascii: 00006000ux/")},a=function(t,e){return Object.keys(t).forEach((function(n){return e[n]=t[n]}))},s=function(t,e){var n=function n(r){if(e(r)){var i=t(r);return a(t,n),i}return{}};return a(t,n),n},f="ROOT",l="NAMESPACE_ROOT",v="CHILD",d=function(t){return
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:18 UTC8204INData Raw: 65 3d 6c 5b 74 2e 63 68 61 72 41 74 28 6f 2b 2b 29 5d 3c 3c 31 38 7c 6c 5b 74 2e 63 68 61 72 41 74 28 6f 2b 2b 29 5d 3c 3c 31 32 7c 28 6e 3d 6c 5b 74 2e 63 68 61 72 41 74 28 6f 2b 2b 29 5d 29 3c 3c 36 7c 28 72 3d 6c 5b 74 2e 63 68 61 72 41 74 28 6f 2b 2b 29 5d 29 2c 69 2b 3d 36 34 3d 3d 3d 6e 3f 64 28 65 3e 3e 31 36 26 32 35 35 29 3a 36 34 3d 3d 3d 72 3f 64 28 65 3e 3e 31 36 26 32 35 35 2c 65 3e 3e 38 26 32 35 35 29 3a 64 28 65 3e 3e 31 36 26 32 35 35 2c 65 3e 3e 38 26 32 35 35 2c 32 35 35 26 65 29 3b 72 65 74 75 72 6e 20 69 7d 2c 4e 3d 6f 3f 74 3d 3e 61 74 6f 62 28 67 28 74 29 29 3a 63 3f 74 3d 3e 42 75 66 66 65 72 2e 66 72 6f 6d 28 74 2c 22 62 61 73 65 36 34 22 29 2e 74 6f 53 74 72 69 6e 67 28 22 62 69 6e 61 72 79 22 29 3a 4c 2c 44 3d 63 3f 74 3d 3e 70
                                                                                                                                                                                                                                                                                                          Data Ascii: e=l[t.charAt(o++)]<<18|l[t.charAt(o++)]<<12|(n=l[t.charAt(o++)])<<6|(r=l[t.charAt(o++)]),i+=64===n?d(e>>16&255):64===r?d(e>>16&255,e>>8&255):d(e>>16&255,e>>8&255,255&e);return i},N=o?t=>atob(g(t)):c?t=>Buffer.from(t,"base64").toString("binary"):L,D=c?t=>p
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:18 UTC2479INData Raw: 30 30 30 30 30 39 41 33 0d 0a 72 63 65 2c 45 2e 65 78 65 63 28 74 29 29 3b 72 65 74 75 72 6e 20 65 2e 6c 61 73 74 49 6e 64 65 78 3d 74 2e 6c 61 73 74 49 6e 64 65 78 2c 65 7d 2c 78 3d 6e 28 35 36 31 33 37 29 2c 5f 3d 78 2e 5a 3f 78 2e 5a 2e 70 72 6f 74 6f 74 79 70 65 3a 76 6f 69 64 20 30 2c 53 3d 5f 3f 5f 2e 76 61 6c 75 65 4f 66 3a 76 6f 69 64 20 30 3b 76 61 72 20 54 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 20 53 3f 4f 62 6a 65 63 74 28 53 2e 63 61 6c 6c 28 74 29 29 3a 7b 7d 7d 2c 4c 3d 6e 28 39 37 35 35 38 29 3b 76 61 72 20 4e 3d 66 75 6e 63 74 69 6f 6e 28 74 2c 65 2c 6e 29 7b 76 61 72 20 72 3d 74 2e 63 6f 6e 73 74 72 75 63 74 6f 72 3b 73 77 69 74 63 68 28 65 29 7b 63 61 73 65 22 5b 6f 62 6a 65 63 74 20 41 72 72 61 79 42 75 66 66 65 72 5d
                                                                                                                                                                                                                                                                                                          Data Ascii: 000009A3rce,E.exec(t));return e.lastIndex=t.lastIndex,e},x=n(56137),_=x.Z?x.Z.prototype:void 0,S=_?_.valueOf:void 0;var T=function(t){return S?Object(S.call(t)):{}},L=n(97558);var N=function(t,e,n){var r=t.constructor;switch(e){case"[object ArrayBuffer]
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:18 UTC16384INData Raw: 30 30 30 30 34 30 30 30 0d 0a 3d 6e 28 37 31 31 35 35 29 3b 65 2e 5a 3d 66 75 6e 63 74 69 6f 6e 28 74 2c 65 2c 6e 2c 73 29 7b 76 61 72 20 66 3d 2d 31 2c 6c 3d 69 2e 5a 2c 76 3d 21 30 2c 64 3d 74 2e 6c 65 6e 67 74 68 2c 70 3d 5b 5d 2c 68 3d 65 2e 6c 65 6e 67 74 68 3b 69 66 28 21 64 29 72 65 74 75 72 6e 20 70 3b 6e 26 26 28 65 3d 28 30 2c 75 2e 5a 29 28 65 2c 28 30 2c 63 2e 5a 29 28 6e 29 29 29 2c 73 3f 28 6c 3d 6f 2e 5a 2c 76 3d 21 31 29 3a 65 2e 6c 65 6e 67 74 68 3e 3d 32 30 30 26 26 28 6c 3d 61 2e 5a 2c 76 3d 21 31 2c 65 3d 6e 65 77 20 72 2e 5a 28 65 29 29 3b 74 3a 66 6f 72 28 3b 2b 2b 66 3c 64 3b 29 7b 76 61 72 20 67 3d 74 5b 66 5d 2c 5a 3d 6e 75 6c 6c 3d 3d 6e 3f 67 3a 6e 28 67 29 3b 69 66 28 67 3d 73 7c 7c 30 21 3d 3d 67 3f 67 3a 30 2c 76 26 26 5a 3d
                                                                                                                                                                                                                                                                                                          Data Ascii: 00004000=n(71155);e.Z=function(t,e,n,s){var f=-1,l=i.Z,v=!0,d=t.length,p=[],h=e.length;if(!d)return p;n&&(e=(0,u.Z)(e,(0,c.Z)(n))),s?(l=o.Z,v=!1):e.length>=200&&(l=a.Z,v=!1,e=new r.Z(e));t:for(;++f<d;){var g=t[f],Z=null==n?g:n(g);if(g=s||0!==g?g:0,v&&Z=
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:18 UTC12INData Raw: 6e 3a 64 65 6c 65 74 65 20 74 0d 0a
                                                                                                                                                                                                                                                                                                          Data Ascii: n:delete t
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:18 UTC16384INData Raw: 30 30 30 30 34 30 30 30 0d 0a 5b 63 5d 29 2c 69 7d 7d 2c 38 37 33 33 39 3a 66 75 6e 63 74 69 6f 6e 28 74 2c 65 2c 6e 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 76 61 72 20 72 3d 6e 28 38 30 33 32 33 29 2c 69 3d 6e 28 33 36 31 32 29 2c 6f 3d 4f 62 6a 65 63 74 2e 70 72 6f 74 6f 74 79 70 65 2e 70 72 6f 70 65 72 74 79 49 73 45 6e 75 6d 65 72 61 62 6c 65 2c 75 3d 4f 62 6a 65 63 74 2e 67 65 74 4f 77 6e 50 72 6f 70 65 72 74 79 53 79 6d 62 6f 6c 73 2c 63 3d 75 3f 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 20 6e 75 6c 6c 3d 3d 74 3f 5b 5d 3a 28 74 3d 4f 62 6a 65 63 74 28 74 29 2c 28 30 2c 72 2e 5a 29 28 75 28 74 29 2c 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 6f 2e 63 61 6c 6c 28 74 2c 65 29 7d 29 29 29 7d 3a 69 2e 5a 3b 65 2e 5a 3d
                                                                                                                                                                                                                                                                                                          Data Ascii: 00004000[c]),i}},87339:function(t,e,n){"use strict";var r=n(80323),i=n(3612),o=Object.prototype.propertyIsEnumerable,u=Object.getOwnPropertySymbols,c=u?function(t){return null==t?[]:(t=Object(t),(0,r.Z)(u(t),(function(e){return o.call(t,e)})))}:i.Z;e.Z=
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:18 UTC12INData Raw: 3d 3d 74 79 70 65 6f 66 20 74 0d 0a
                                                                                                                                                                                                                                                                                                          Data Ascii: ==typeof t
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:18 UTC15599INData Raw: 30 30 30 30 33 43 45 33 0d 0a 7d 7d 2c 34 34 31 39 39 3a 66 75 6e 63 74 69 6f 6e 28 74 2c 65 2c 6e 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 76 61 72 20 72 3d 6e 28 34 38 35 31 30 29 2c 69 3d 6e 28 31 32 35 34 35 29 2c 6f 3d 6e 28 32 35 31 39 37 29 2c 75 3d 46 75 6e 63 74 69 6f 6e 2e 70 72 6f 74 6f 74 79 70 65 2c 63 3d 4f 62 6a 65 63 74 2e 70 72 6f 74 6f 74 79 70 65 2c 61 3d 75 2e 74 6f 53 74 72 69 6e 67 2c 73 3d 63 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 2c 66 3d 61 2e 63 61 6c 6c 28 4f 62 6a 65 63 74 29 3b 65 2e 5a 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 69 66 28 21 28 30 2c 6f 2e 5a 29 28 74 29 7c 7c 22 5b 6f 62 6a 65 63 74 20 4f 62 6a 65 63 74 5d 22 21 3d 28 30 2c 72 2e 5a 29 28 74 29 29 72 65 74 75 72 6e 21 31 3b 76 61 72 20 65 3d 28 30 2c 69
                                                                                                                                                                                                                                                                                                          Data Ascii: 00003CE3}},44199:function(t,e,n){"use strict";var r=n(48510),i=n(12545),o=n(25197),u=Function.prototype,c=Object.prototype,a=u.toString,s=c.hasOwnProperty,f=a.call(Object);e.Z=function(t){if(!(0,o.Z)(t)||"[object Object]"!=(0,r.Z)(t))return!1;var e=(0,i


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                          138192.168.2.54993623.209.72.334434744C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:17 UTC629OUTGET /bundles/v1/edgeChromium/latest/microsoft.4a2a9ed8240d3004231b.js HTTP/1.1
                                                                                                                                                                                                                                                                                                          Host: assets.msn.com
                                                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                                                          sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                          Origin: https://ntp.msn.com
                                                                                                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                                          Sec-Fetch-Site: same-site
                                                                                                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                          Sec-Fetch-Dest: script
                                                                                                                                                                                                                                                                                                          Referer: https://ntp.msn.com/
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                          Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:18 UTC1237INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Content-Type: application/javascript
                                                                                                                                                                                                                                                                                                          Content-MD5: HxbYbI6fIhdaRBln8Sc3OA==
                                                                                                                                                                                                                                                                                                          Last-Modified: Thu, 21 Nov 2024 21:45:21 GMT
                                                                                                                                                                                                                                                                                                          ETag: 0x8DD0A75CC92A95D
                                                                                                                                                                                                                                                                                                          Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 3f59ebcd-b01e-0085-2e5e-3c96a0000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2009-09-19
                                                                                                                                                                                                                                                                                                          x-ms-lease-status: unlocked
                                                                                                                                                                                                                                                                                                          x-ms-blob-type: BlockBlob
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:14:18 GMT
                                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Connection: Transfer-Encoding
                                                                                                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                                                          Akamai-Request-BC: [a=23.210.4.149,b=745763218,c=g,n=US_NJ_SECAUCUS,o=20940]
                                                                                                                                                                                                                                                                                                          Server-Timing: clientrtt; dur=2, clienttt; dur=0, origin; dur=0, cdntime; dur=0, wpo;dur=0,1s;dur=0
                                                                                                                                                                                                                                                                                                          Akamai-Cache-Status: Hit from child
                                                                                                                                                                                                                                                                                                          Akamai-Server-IP: 23.210.4.149
                                                                                                                                                                                                                                                                                                          Akamai-Request-ID: 2c737192
                                                                                                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://ntp.msn.com
                                                                                                                                                                                                                                                                                                          report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
                                                                                                                                                                                                                                                                                                          nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.1}
                                                                                                                                                                                                                                                                                                          Cache-Control: public, no-transform, max-age=31535892
                                                                                                                                                                                                                                                                                                          Timing-Allow-Origin: *
                                                                                                                                                                                                                                                                                                          Akamai-GRN: 0.9504d217.1732277658.2c737192
                                                                                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:18 UTC15147INData Raw: 30 30 30 30 36 30 30 30 0d 0a 2f 2a 21 20 46 6f 72 20 6c 69 63 65 6e 73 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 70 6c 65 61 73 65 20 73 65 65 20 6d 69 63 72 6f 73 6f 66 74 2e 34 61 32 61 39 65 64 38 32 34 30 64 33 30 30 34 32 33 31 62 2e 6a 73 2e 4c 49 43 45 4e 53 45 2e 74 78 74 20 2a 2f 0a 28 73 65 6c 66 2e 65 64 67 65 43 68 72 6f 6d 69 75 6d 57 65 62 70 61 63 6b 43 68 75 6e 6b 73 3d 73 65 6c 66 2e 65 64 67 65 43 68 72 6f 6d 69 75 6d 57 65 62 70 61 63 6b 43 68 75 6e 6b 73 7c 7c 5b 5d 29 2e 70 75 73 68 28 5b 5b 22 6d 69 63 72 6f 73 6f 66 74 22 5d 2c 7b 36 33 31 36 35 3a 66 75 6e 63 74 69 6f 6e 28 74 2c 65 2c 6e 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 6e 2e 64 28 65 2c 7b 5a 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 41 7d 7d 29 3b 76
                                                                                                                                                                                                                                                                                                          Data Ascii: 00006000/*! For license information please see microsoft.4a2a9ed8240d3004231b.js.LICENSE.txt */(self.edgeChromiumWebpackChunks=self.edgeChromiumWebpackChunks||[]).push([["microsoft"],{63165:function(t,e,n){"use strict";n.d(e,{Z:function(){return A}});v
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:18 UTC9441INData Raw: 72 2e 62 24 2c 6f 2e 48 44 2c 6f 2e 68 6a 2c 6f 2e 6a 6e 2c 6f 2e 6d 66 2c 6f 2e 6b 4a 2c 6f 2e 4b 6e 2c 6f 2e 6e 64 2c 72 2e 4d 46 2c 6f 2e 59 36 2c 72 2e 63 70 2c 73 2e 70 37 2c 73 2e 55 59 2c 6f 2e 6c 5f 2c 6c 2e 63 39 2c 6c 2e 49 62 2c 6f 2e 49 64 2c 6f 2e 72 57 2c 6f 2e 59 6d 2c 6f 2e 6f 38 2c 6f 2e 6c 65 2c 6f 2e 6e 72 2c 6f 2e 6d 66 2c 6f 2e 4b 6e 2c 6f 2e 4a 5f 2c 6f 2e 6b 4a 2c 6f 2e 56 5a 2c 6f 2e 48 44 2c 6f 2e 68 6a 2c 6f 2e 6a 6e 2c 6f 2e 59 36 2c 6f 2e 74 4f 2c 6f 2e 55 41 2c 6f 2e 4d 72 2c 6f 2e 58 7a 2c 6f 2e 6e 64 2c 64 2e 70 75 2c 6f 2e 46 59 2c 6f 2e 6c 5f 2c 6c 2e 49 62 2c 6f 2e 6d 36 2c 72 2e 77 31 2c 61 2e 47 57 2c 61 2e 4a 6a 2c 75 2e 70 5a 2c 75 2e 61 7a 2c 75 2e 5f 6c 2c 75 2e 43 4e 2c 75 2e 46 36 2c 61 2e 44 4f 3b 66 75 6e 63 74
                                                                                                                                                                                                                                                                                                          Data Ascii: r.b$,o.HD,o.hj,o.jn,o.mf,o.kJ,o.Kn,o.nd,r.MF,o.Y6,r.cp,s.p7,s.UY,o.l_,l.c9,l.Ib,o.Id,o.rW,o.Ym,o.o8,o.le,o.nr,o.mf,o.Kn,o.J_,o.kJ,o.VZ,o.HD,o.hj,o.jn,o.Y6,o.tO,o.UA,o.Mr,o.Xz,o.nd,d.pu,o.FY,o.l_,l.Ib,o.m6,r.w1,a.GW,a.Jj,u.pZ,u.az,u._l,u.CN,u.F6,a.DO;funct
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:18 UTC16384INData Raw: 30 30 30 30 36 30 30 30 0d 0a 65 5b 72 2e 4d 57 5d 28 61 29 2c 31 3d 3d 3d 65 3f 74 5b 63 2e 79 73 5d 28 73 29 3a 74 5b 63 2e 63 4c 5d 28 73 29 7d 7d 7d 66 75 6e 63 74 69 6f 6e 20 76 28 74 2c 6e 29 7b 76 61 72 20 69 3d 28 30 2c 6f 2e 6a 29 28 65 7c 7c 7b 7d 29 3b 69 26 26 69 5b 72 2e 6d 63 5d 26 26 69 5b 72 2e 6d 63 5d 28 74 2c 6e 29 7d 21 66 75 6e 63 74 69 6f 6e 28 74 29 7b 6e 3d 28 30 2c 61 2e 76 34 29 28 74 2e 6c 6f 67 67 69 6e 67 4c 65 76 65 6c 43 6f 6e 73 6f 6c 65 2c 30 29 2c 6c 3d 28 30 2c 61 2e 76 34 29 28 74 2e 6c 6f 67 67 69 6e 67 4c 65 76 65 6c 54 65 6c 65 6d 65 74 72 79 2c 31 29 2c 68 3d 28 30 2c 61 2e 76 34 29 28 74 2e 6d 61 78 4d 65 73 73 61 67 65 4c 69 6d 69 74 2c 32 35 29 2c 66 3d 28 30 2c 61 2e 76 34 29 28 74 5b 72 2e 46 72 5d 2c 21 31 29
                                                                                                                                                                                                                                                                                                          Data Ascii: 00006000e[r.MW](a),1===e?t[c.ys](s):t[c.cL](s)}}}function v(t,n){var i=(0,o.j)(e||{});i&&i[r.mc]&&i[r.mc](t,n)}!function(t){n=(0,a.v4)(t.loggingLevelConsole,0),l=(0,a.v4)(t.loggingLevelTelemetry,1),h=(0,a.v4)(t.maxMessageLimit,25),f=(0,a.v4)(t[r.Fr],!1)
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:18 UTC8204INData Raw: 75 6e 63 74 69 6f 6e 28 74 29 7b 76 61 72 20 65 3d 6f 2e 5f 6e 65 78 74 28 29 3b 72 65 74 75 72 6e 20 65 26 26 65 2e 75 6e 6c 6f 61 64 28 61 2c 74 29 2c 21 65 7d 2c 61 5b 69 2e 7a 56 5d 3d 66 75 6e 63 74 69 6f 6e 28 74 2c 6e 29 7b 72 65 74 75 72 6e 20 76 6f 69 64 20 30 3d 3d 3d 74 26 26 28 74 3d 6e 75 6c 6c 29 2c 28 30 2c 73 2e 6b 4a 29 28 74 29 26 26 28 74 3d 62 28 74 2c 72 2c 65 2c 6e 29 29 2c 76 28 74 7c 7c 61 5b 69 2e 57 32 5d 28 29 2c 65 2c 6e 29 7d 2c 61 7d 66 75 6e 63 74 69 6f 6e 20 6d 28 74 2c 65 2c 6e 29 7b 76 61 72 20 72 3d 65 5b 69 2e 54 43 5d 7c 7c 7b 7d 2c 6f 3d 70 28 74 2c 72 2c 65 2c 6e 29 2e 63 74 78 3b 72 65 74 75 72 6e 20 6f 5b 69 2e 75 4c 5d 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 20 6f 2e 69 74 65 72 61 74 65 28 28 66
                                                                                                                                                                                                                                                                                                          Data Ascii: unction(t){var e=o._next();return e&&e.unload(a,t),!e},a[i.zV]=function(t,n){return void 0===t&&(t=null),(0,s.kJ)(t)&&(t=b(t,r,e,n)),v(t||a[i.W2](),e,n)},a}function m(t,e,n){var r=e[i.TC]||{},o=p(t,r,e,n).ctx;return o[i.uL]=function(t){return o.iterate((f
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:18 UTC16384INData Raw: 30 30 30 30 34 30 30 30 0d 0a 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 66 75 6e 63 74 69 6f 6e 20 74 28 29 7b 76 61 72 20 65 3d 21 30 2c 6e 3d 21 30 2c 69 3d 21 30 2c 6f 3d 22 75 73 65 2d 63 6f 6c 6c 65 63 74 6f 72 2d 64 65 6c 74 61 22 2c 73 3d 21 31 3b 28 30 2c 72 2e 5a 29 28 74 2c 74 68 69 73 2c 28 66 75 6e 63 74 69 6f 6e 28 74 29 7b 74 2e 61 6c 6c 6f 77 52 65 71 75 65 73 74 53 65 6e 64 69 6e 67 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 65 7d 2c 74 2e 66 69 72 73 74 52 65 71 75 65 73 74 53 65 6e 74 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 69 26 26 28 69 3d 21 31 2c 73 7c 7c 28 65 3d 21 31 29 29 7d 2c 74 2e 73 68 6f 75 6c 64 41 64 64 43 6c 6f 63 6b 53 6b 65 77 48 65 61 64 65 72 73 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 6e 7d 2c 74
                                                                                                                                                                                                                                                                                                          Data Ascii: 00004000=function(){function t(){var e=!0,n=!0,i=!0,o="use-collector-delta",s=!1;(0,r.Z)(t,this,(function(t){t.allowRequestSending=function(){return e},t.firstRequestSent=function(){i&&(i=!1,s||(e=!1))},t.shouldAddClockSkewHeaders=function(){return n},t
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:18 UTC12INData Raw: 69 6f 6e 28 29 7b 44 3d 6e 75 0d 0a
                                                                                                                                                                                                                                                                                                          Data Ascii: ion(){D=nu
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:18 UTC16384INData Raw: 30 30 30 30 34 30 30 30 0d 0a 6c 6c 2c 4b 28 30 3d 3d 3d 4d 3f 33 3a 31 2c 30 2c 31 29 2c 4d 2b 2b 2c 4d 25 3d 32 2c 47 28 29 7d 29 2c 65 29 3a 4d 3d 30 29 7d 66 75 6e 63 74 69 6f 6e 20 58 28 29 7b 6e 3d 6e 75 6c 6c 2c 78 3d 21 31 2c 43 3d 5b 5d 2c 6b 3d 6e 75 6c 6c 2c 53 3d 21 31 2c 24 3d 30 2c 54 3d 35 30 30 2c 4c 3d 30 2c 4f 3d 31 65 34 2c 49 3d 7b 7d 2c 45 3d 70 2c 44 3d 6e 75 6c 6c 2c 52 3d 6e 75 6c 6c 2c 46 3d 30 2c 4d 3d 30 2c 66 3d 6e 75 6c 6c 2c 4e 3d 7b 7d 2c 76 3d 76 6f 69 64 20 30 2c 6d 3d 30 2c 6a 3d 2d 31 2c 62 3d 6e 75 6c 6c 2c 5f 3d 21 30 2c 7a 3d 21 31 2c 71 3d 36 2c 55 3d 32 2c 79 3d 6e 75 6c 6c 2c 77 3d 64 74 28 29 2c 67 3d 6e 65 77 20 63 74 28 35 30 30 2c 32 2c 31 2c 7b 72 65 71 75 65 75 65 3a 6c 74 2c 73 65 6e 64 3a 62 74 2c 73 65 6e
                                                                                                                                                                                                                                                                                                          Data Ascii: 00004000ll,K(0===M?3:1,0,1),M++,M%=2,G()}),e):M=0)}function X(){n=null,x=!1,C=[],k=null,S=!1,$=0,T=500,L=0,O=1e4,I={},E=p,D=null,R=null,F=0,M=0,f=null,N={},v=void 0,m=0,j=-1,b=null,_=!0,z=!1,q=6,U=2,y=null,w=dt(),g=new ct(500,2,1,{requeue:lt,send:bt,sen
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:18 UTC12INData Raw: 7b 61 3d 74 7d 7d 29 29 7d 72 0d 0a
                                                                                                                                                                                                                                                                                                          Data Ascii: {a=t}}))}r
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:18 UTC16384INData Raw: 30 30 30 30 34 30 30 30 0d 0a 65 74 75 72 6e 20 74 2e 63 6f 6f 6b 69 65 53 65 70 61 72 61 74 6f 72 3d 22 7c 22 2c 74 2e 75 73 65 72 43 6f 6f 6b 69 65 4e 61 6d 65 3d 22 61 69 5f 75 73 65 72 22 2c 74 2e 5f 73 74 61 74 69 63 49 6e 69 74 3d 76 6f 69 64 28 30 2c 73 2e 6c 5f 29 28 74 2e 70 72 6f 74 6f 74 79 70 65 2c 22 6c 6f 63 61 6c 49 64 22 2c 45 74 2c 44 74 29 2c 74 7d 28 29 2c 52 74 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 76 61 72 20 65 3d 74 68 69 73 3b 65 2e 70 6f 70 53 61 6d 70 6c 65 3d 31 30 30 2c 65 2e 65 76 65 6e 74 46 6c 61 67 73 3d 30 2c 74 2e 68 61 73 68 49 64 65 6e 74 69 66 69 65 72 73 26 26 28 65 2e 65 76 65 6e 74 46 6c 61 67 73 3d 31 30 34 38 35 37 36 7c 65 2e 65 76 65 6e 74 46 6c 61 67 73 29 2c 74 2e 64 72 6f 70 49 64 65 6e 74 69 66 69 65 72 73
                                                                                                                                                                                                                                                                                                          Data Ascii: 00004000eturn t.cookieSeparator="|",t.userCookieName="ai_user",t._staticInit=void(0,s.l_)(t.prototype,"localId",Et,Dt),t}(),Rt=function(t){var e=this;e.popSample=100,e.eventFlags=0,t.hashIdentifiers&&(e.eventFlags=1048576|e.eventFlags),t.dropIdentifiers
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:18 UTC12INData Raw: 29 3d 3e 4d 61 74 68 2e 6d 69 0d 0a
                                                                                                                                                                                                                                                                                                          Data Ascii: )=>Math.mi


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                          139192.168.2.54993523.209.72.334434744C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:17 UTC626OUTGET /bundles/v1/edgeChromium/latest/common.37c1906034fdaa41cb10.js HTTP/1.1
                                                                                                                                                                                                                                                                                                          Host: assets.msn.com
                                                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                                                          sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                          Origin: https://ntp.msn.com
                                                                                                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                                          Sec-Fetch-Site: same-site
                                                                                                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                          Sec-Fetch-Dest: script
                                                                                                                                                                                                                                                                                                          Referer: https://ntp.msn.com/
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                          Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:18 UTC1237INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Content-Type: application/javascript
                                                                                                                                                                                                                                                                                                          Content-MD5: wSE1x3u0ogD5sryD0Bakxw==
                                                                                                                                                                                                                                                                                                          Last-Modified: Thu, 21 Nov 2024 21:45:20 GMT
                                                                                                                                                                                                                                                                                                          ETag: 0x8DD0A75CBF62F39
                                                                                                                                                                                                                                                                                                          Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 531502e1-201e-00b4-755e-3c3ea1000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2009-09-19
                                                                                                                                                                                                                                                                                                          x-ms-lease-status: unlocked
                                                                                                                                                                                                                                                                                                          x-ms-blob-type: BlockBlob
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:14:18 GMT
                                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Connection: Transfer-Encoding
                                                                                                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                                                          Akamai-Request-BC: [a=23.210.4.160,b=776682428,c=g,n=US_NJ_SECAUCUS,o=20940]
                                                                                                                                                                                                                                                                                                          Server-Timing: clientrtt; dur=2, clienttt; dur=0, origin; dur=0, cdntime; dur=0, wpo;dur=0,1s;dur=0
                                                                                                                                                                                                                                                                                                          Akamai-Cache-Status: Hit from child
                                                                                                                                                                                                                                                                                                          Akamai-Server-IP: 23.210.4.160
                                                                                                                                                                                                                                                                                                          Akamai-Request-ID: 2e4b3bbc
                                                                                                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://ntp.msn.com
                                                                                                                                                                                                                                                                                                          report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
                                                                                                                                                                                                                                                                                                          nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.1}
                                                                                                                                                                                                                                                                                                          Cache-Control: public, no-transform, max-age=31535892
                                                                                                                                                                                                                                                                                                          Timing-Allow-Origin: *
                                                                                                                                                                                                                                                                                                          Akamai-GRN: 0.a004d217.1732277658.2e4b3bbc
                                                                                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:18 UTC15147INData Raw: 30 30 30 30 36 30 30 30 0d 0a 28 73 65 6c 66 2e 65 64 67 65 43 68 72 6f 6d 69 75 6d 57 65 62 70 61 63 6b 43 68 75 6e 6b 73 3d 73 65 6c 66 2e 65 64 67 65 43 68 72 6f 6d 69 75 6d 57 65 62 70 61 63 6b 43 68 75 6e 6b 73 7c 7c 5b 5d 29 2e 70 75 73 68 28 5b 5b 22 63 6f 6d 6d 6f 6e 22 5d 2c 7b 33 36 37 37 37 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 6e 2e 64 28 74 2c 7b 46 76 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 72 7d 2c 67 51 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 69 7d 7d 29 3b 63 6f 6e 73 74 20 69 3d 22 73 65 6c 65 63 74 65 64 4e 61 76 49 74 65 6d 43 6c 69 63 6b 65 64 22 3b 63 6c 61 73 73 20 72 7b 63 6f 6e 73 74 72 75 63 74 6f 72 28 29 7b 74 68 69 73 2e 73 75 70 70 6f 72 74
                                                                                                                                                                                                                                                                                                          Data Ascii: 00006000(self.edgeChromiumWebpackChunks=self.edgeChromiumWebpackChunks||[]).push([["common"],{36777:function(e,t,n){"use strict";n.d(t,{Fv:function(){return r},gQ:function(){return i}});const i="selectedNavItemClicked";class r{constructor(){this.support
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:18 UTC9441INData Raw: 65 55 52 4c 28 65 29 7b 76 61 72 20 74 2c 6e 3b 69 66 28 6e 75 6c 6c 3d 3d 3d 28 74 3d 74 68 69 73 2e 63 6f 6e 66 69 67 29 7c 7c 76 6f 69 64 20 30 3d 3d 3d 74 7c 7c 21 74 2e 64 61 74 61 5b 65 5d 29 72 65 74 75 72 6e 20 6e 75 6c 6c 3b 63 6f 6e 73 74 20 69 3d 6e 75 6c 6c 3d 3d 3d 28 6e 3d 74 68 69 73 2e 63 6f 6e 66 69 67 29 7c 7c 76 6f 69 64 20 30 3d 3d 3d 6e 3f 76 6f 69 64 20 30 3a 6e 2e 64 61 74 61 5b 65 5d 2e 69 6d 61 67 65 5b 60 69 24 7b 74 68 69 73 2e 63 75 72 72 65 6e 74 52 65 73 6f 6c 75 74 69 6f 6e 7d 60 5d 3b 72 65 74 75 72 6e 28 74 68 69 73 2e 62 61 63 6b 67 72 6f 75 6e 64 49 6d 61 67 65 57 43 2e 63 6f 6e 66 69 67 2e 65 6e 61 62 6c 65 53 74 61 74 69 63 49 6d 61 67 65 73 3f 28 30 2c 44 2e 62 66 29 28 60 69 6d 61 67 65 24 7b 65 7d 60 29 3a 44 2e 71
                                                                                                                                                                                                                                                                                                          Data Ascii: eURL(e){var t,n;if(null===(t=this.config)||void 0===t||!t.data[e])return null;const i=null===(n=this.config)||void 0===n?void 0:n.data[e].image[`i${this.currentResolution}`];return(this.backgroundImageWC.config.enableStaticImages?(0,D.bf)(`image${e}`):D.q
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:18 UTC16384INData Raw: 30 30 30 30 36 30 30 30 0d 0a 67 64 22 2c 7b 64 65 74 61 69 6c 3a 7b 69 73 4c 6f 77 45 6e 64 44 65 76 69 63 65 3a 21 31 7d 7d 29 29 2c 74 68 69 73 2e 69 73 46 52 45 26 26 74 68 69 73 2e 63 6f 6e 66 69 67 2e 64 69 73 61 62 6c 65 47 61 6c 6c 65 72 79 46 52 45 41 6e 64 4c 6f 77 45 6e 64 29 7b 74 68 69 73 2e 63 75 72 72 65 6e 74 50 72 6f 76 69 64 65 72 3d 22 46 52 45 42 61 63 6b 67 72 6f 75 6e 64 22 3b 62 72 65 61 6b 7d 69 66 28 74 68 69 73 2e 62 61 63 6b 67 72 6f 75 6e 64 47 61 6c 6c 65 72 79 45 6c 69 67 69 62 69 6c 69 74 79 26 26 74 68 69 73 2e 67 61 6c 6c 65 72 79 42 61 63 6b 67 72 6f 75 6e 64 53 65 6c 65 63 74 69 6f 6e 4d 65 74 61 64 61 74 61 29 7b 69 66 28 22 43 4d 53 49 6d 61 67 65 22 3d 3d 3d 74 68 69 73 2e 67 61 6c 6c 65 72 79 42 61 63 6b 67 72 6f 75
                                                                                                                                                                                                                                                                                                          Data Ascii: 00006000gd",{detail:{isLowEndDevice:!1}})),this.isFRE&&this.config.disableGalleryFREAndLowEnd){this.currentProvider="FREBackground";break}if(this.backgroundGalleryEligibility&&this.galleryBackgroundSelectionMetadata){if("CMSImage"===this.galleryBackgrou
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:18 UTC8204INData Raw: 41 64 29 7c 7c 76 6f 69 64 20 30 3d 3d 3d 65 3f 76 6f 69 64 20 30 3a 65 2e 74 69 74 6c 65 2c 69 64 3a 6e 75 6c 6c 3d 3d 3d 28 74 3d 74 68 69 73 2e 6d 61 72 71 75 65 65 41 64 29 7c 7c 76 6f 69 64 20 30 3d 3d 3d 74 3f 76 6f 69 64 20 30 3a 74 2e 63 6c 69 63 6b 54 68 72 6f 75 67 68 55 72 6c 7d 7d 29 2e 67 65 74 4d 65 74 61 64 61 74 61 54 61 67 28 29 2c 74 68 69 73 2e 74 65 6c 65 6d 65 74 72 79 54 61 67 73 2e 6d 61 72 71 75 65 65 41 64 43 54 41 42 75 74 74 6f 6e 3d 74 68 69 73 2e 74 65 6c 65 6d 65 74 72 79 4f 62 6a 65 63 74 2e 61 64 64 4f 72 55 70 64 61 74 65 43 68 69 6c 64 28 7b 6e 61 6d 65 3a 22 4d 61 72 71 75 65 65 41 64 43 54 41 42 75 74 74 6f 6e 22 2c 74 79 70 65 3a 54 2e 63 39 2e 49 6e 74 65 72 61 63 74 69 6f 6e 2c 62 65 68 61 76 69 6f 72 3a 54 2e 77 75
                                                                                                                                                                                                                                                                                                          Data Ascii: Ad)||void 0===e?void 0:e.title,id:null===(t=this.marqueeAd)||void 0===t?void 0:t.clickThroughUrl}}).getMetadataTag(),this.telemetryTags.marqueeAdCTAButton=this.telemetryObject.addOrUpdateChild({name:"MarqueeAdCTAButton",type:T.c9.Interaction,behavior:T.wu
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:18 UTC16384INData Raw: 30 30 30 30 34 30 30 30 0d 0a 3f 76 6f 69 64 20 30 3a 65 2e 70 72 6f 70 65 72 74 69 65 73 3b 69 66 28 28 6e 75 6c 6c 3d 3d 74 3f 76 6f 69 64 20 30 3a 74 2e 6c 65 6e 67 74 68 29 3e 30 26 26 6e 29 72 65 74 75 72 6e 20 6e 7d 63 61 74 63 68 28 65 29 7b 63 6f 6e 73 74 20 74 3d 22 45 72 72 6f 72 20 69 6e 20 67 65 74 74 69 6e 67 20 77 70 6f 20 65 76 65 6e 74 20 67 6c 65 61 6d 20 64 61 74 61 22 3b 28 30 2c 6f 2e 48 29 28 72 2e 4f 64 35 2c 74 2c 60 65 72 72 6f 72 3a 24 7b 65 7d 60 29 7d 72 65 74 75 72 6e 20 6e 75 6c 6c 7d 28 29 29 2c 74 68 69 73 2e 63 68 72 6f 6d 69 75 6d 50 61 67 65 53 65 74 74 69 6e 67 73 43 6f 6e 6e 65 63 74 6f 72 3d 28 30 2c 57 2e 4b 30 29 28 6c 2e 52 4c 29 2c 74 68 69 73 2e 69 73 44 61 72 6b 4d 6f 64 65 3d 28 30 2c 59 2e 59 29 28 29 2c 74 68
                                                                                                                                                                                                                                                                                                          Data Ascii: 00004000?void 0:e.properties;if((null==t?void 0:t.length)>0&&n)return n}catch(e){const t="Error in getting wpo event gleam data";(0,o.H)(r.Od5,t,`error:${e}`)}return null}()),this.chromiumPageSettingsConnector=(0,W.K0)(l.RL),this.isDarkMode=(0,Y.Y)(),th
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:18 UTC12INData Raw: 63 6b 5f 4d 61 72 71 75 65 65 0d 0a
                                                                                                                                                                                                                                                                                                          Data Ascii: ck_Marquee
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:18 UTC16384INData Raw: 30 30 30 30 34 30 30 30 0d 0a 41 64 28 74 68 69 73 2e 72 65 66 5f 6d 61 72 71 75 65 65 41 64 53 70 6f 6e 73 6f 72 4c 6f 67 6f 29 7d 61 73 79 6e 63 20 6f 6e 43 6c 69 63 6b 5f 4d 61 72 71 75 65 65 41 64 28 65 29 7b 77 69 6e 64 6f 77 2e 6f 70 65 6e 28 74 68 69 73 2e 6d 61 72 71 75 65 65 41 64 2e 63 6c 69 63 6b 54 68 72 6f 75 67 68 55 72 6c 2c 22 5f 62 6c 61 6e 6b 22 29 2e 66 6f 63 75 73 28 29 2c 61 77 61 69 74 20 73 65 2e 6f 2e 73 65 6e 64 42 65 61 63 6f 6e 73 28 74 68 69 73 2e 6d 61 72 71 75 65 65 41 64 2e 61 64 43 6c 69 63 6b 65 64 55 72 6c 73 29 2c 6b 2e 4d 30 2e 73 65 6e 64 41 63 74 69 6f 6e 45 76 65 6e 74 28 65 2c 54 2e 41 77 2e 43 6c 69 63 6b 2c 54 2e 77 75 2e 4e 61 76 69 67 61 74 65 29 7d 67 65 74 53 74 79 6c 65 46 6f 72 45 6c 65 6d 65 6e 74 4b 65 79
                                                                                                                                                                                                                                                                                                          Data Ascii: 00004000Ad(this.ref_marqueeAdSponsorLogo)}async onClick_MarqueeAd(e){window.open(this.marqueeAd.clickThroughUrl,"_blank").focus(),await se.o.sendBeacons(this.marqueeAd.adClickedUrls),k.M0.sendActionEvent(e,T.Aw.Click,T.wu.Navigate)}getStyleForElementKey
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:18 UTC12INData Raw: 6c 6f 72 3a 72 67 62 61 28 30 0d 0a
                                                                                                                                                                                                                                                                                                          Data Ascii: lor:rgba(0
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:18 UTC16384INData Raw: 30 30 30 30 34 30 30 30 0d 0a 2c 30 2c 30 2c 30 2e 36 34 29 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 31 36 70 78 3b 63 75 72 73 6f 72 3a 64 65 66 61 75 6c 74 3b 68 65 69 67 68 74 3a 33 32 70 78 3b 6d 61 72 67 69 6e 2d 69 6e 6c 69 6e 65 2d 65 6e 64 3a 38 70 78 3b 77 69 64 74 68 3a 33 32 70 78 7d 2e 68 6f 74 53 70 6f 74 53 75 62 54 65 78 74 41 72 65 61 7b 63 6f 6c 6f 72 3a 72 67 62 61 28 32 35 35 2c 32 35 35 2c 32 35 35 2c 30 2e 37 34 29 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 36 70 78 3b 6f 70 61 63 69 74 79 3a 30 7d 2e 68 6f 74 53 70 6f 74 53 75 62 54 65 78 74 41 72 65 61 3a 68 6f 76 65 72 7b 6f 70 61 63 69 74 79 3a 31 7d 2e 68 6f 74 53 70 6f 74 54 65 78 74 41 72 65 61 7b 62 6f 72 64 65 72 2d 72 61 64 69
                                                                                                                                                                                                                                                                                                          Data Ascii: 00004000,0,0,0.64);border-radius:16px;cursor:default;height:32px;margin-inline-end:8px;width:32px}.hotSpotSubTextArea{color:rgba(255,255,255,0.74);font-size:12px;line-height:16px;opacity:0}.hotSpotSubTextArea:hover{opacity:1}.hotSpotTextArea{border-radi
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:18 UTC12INData Raw: 79 6c 65 3d 74 68 69 73 2e 63 0d 0a
                                                                                                                                                                                                                                                                                                          Data Ascii: yle=this.c


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                          140192.168.2.54993723.209.72.334434744C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:17 UTC630OUTGET /bundles/v1/edgeChromium/latest/experience.3f74dd37531362580037.js HTTP/1.1
                                                                                                                                                                                                                                                                                                          Host: assets.msn.com
                                                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                                                          sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                          Origin: https://ntp.msn.com
                                                                                                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                                          Sec-Fetch-Site: same-site
                                                                                                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                          Sec-Fetch-Dest: script
                                                                                                                                                                                                                                                                                                          Referer: https://ntp.msn.com/
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                          Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:18 UTC1237INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Content-Type: application/javascript
                                                                                                                                                                                                                                                                                                          Content-MD5: RqMBBpX9OCktYKjQHXiZJA==
                                                                                                                                                                                                                                                                                                          Last-Modified: Thu, 21 Nov 2024 21:45:22 GMT
                                                                                                                                                                                                                                                                                                          ETag: 0x8DD0A75CD1BD85A
                                                                                                                                                                                                                                                                                                          Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 4c4d6dba-201e-00f9-335e-3cf14d000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2009-09-19
                                                                                                                                                                                                                                                                                                          x-ms-lease-status: unlocked
                                                                                                                                                                                                                                                                                                          x-ms-blob-type: BlockBlob
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:14:18 GMT
                                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Connection: Transfer-Encoding
                                                                                                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                                                          Akamai-Request-BC: [a=23.210.4.164,b=526529887,c=g,n=US_NJ_SECAUCUS,o=20940]
                                                                                                                                                                                                                                                                                                          Server-Timing: clientrtt; dur=2, clienttt; dur=0, origin; dur=0, cdntime; dur=0, wpo;dur=0,1s;dur=0
                                                                                                                                                                                                                                                                                                          Akamai-Cache-Status: Hit from child
                                                                                                                                                                                                                                                                                                          Akamai-Server-IP: 23.210.4.164
                                                                                                                                                                                                                                                                                                          Akamai-Request-ID: 1f62355f
                                                                                                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://ntp.msn.com
                                                                                                                                                                                                                                                                                                          report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
                                                                                                                                                                                                                                                                                                          nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.1}
                                                                                                                                                                                                                                                                                                          Cache-Control: public, no-transform, max-age=31535892
                                                                                                                                                                                                                                                                                                          Timing-Allow-Origin: *
                                                                                                                                                                                                                                                                                                          Akamai-GRN: 0.a404d217.1732277658.1f62355f
                                                                                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:18 UTC15147INData Raw: 30 30 30 30 36 30 30 30 0d 0a 21 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 65 2c 74 2c 6e 2c 6f 2c 61 2c 69 2c 72 3d 7b 32 33 38 36 35 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 6e 2e 64 28 74 2c 7b 53 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 71 7d 7d 29 3b 76 61 72 20 6f 3d 6e 28 33 33 39 34 30 29 2c 61 3d 6e 28 36 35 31 37 35 29 2c 69 3d 6e 28 36 33 30 37 30 29 2c 72 3d 6e 28 33 39 30 30 31 29 2c 73 3d 6e 28 32 32 33 39 30 29 2c 64 3d 6e 28 34 34 38 38 36 29 2c 63 3d 6e 28 34 30 39 32 34 29 3b 76 61 72 20 6c 3d 6e 28 32 38 39 30 34 29 2c 70 3d 6e 28 39 39 34 35 32 29 2c 6d 3d 6e 28 34 32 35 39 30 29 2c 67 3d 6e 28 39 34 35 33 37 29 2c 75 3d 6e 28 38 35 32 30 35 29 2c 68 3d 6e 28 34 37 34
                                                                                                                                                                                                                                                                                                          Data Ascii: 00006000!function(){var e,t,n,o,a,i,r={23865:function(e,t,n){"use strict";n.d(t,{S:function(){return q}});var o=n(33940),a=n(65175),i=n(63070),r=n(39001),s=n(22390),d=n(44886),c=n(40924);var l=n(28904),p=n(99452),m=n(42590),g=n(94537),u=n(85205),h=n(474
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:18 UTC9441INData Raw: 6f 77 6e 53 63 72 6f 6c 6c 48 61 70 70 65 6e 65 64 3d 21 31 2c 74 68 69 73 2e 66 69 72 73 74 43 6c 69 63 6b 4c 6f 67 3d 21 31 2c 74 68 69 73 2e 66 69 72 73 74 4b 65 79 50 72 65 73 73 4c 6f 67 3d 21 31 2c 74 68 69 73 2e 62 69 6e 67 55 70 73 65 6c 6c 46 6f 63 75 73 65 64 3d 21 31 2c 74 68 69 73 2e 74 72 65 6e 64 69 6e 67 53 65 61 72 63 68 65 73 52 65 71 75 65 73 74 65 64 3d 21 31 2c 74 68 69 73 2e 6f 6e 41 75 74 6f 73 75 67 67 65 73 74 52 65 6e 64 65 72 65 64 3d 65 3d 3e 7b 63 6f 6e 73 74 20 74 3d 65 2e 74 61 72 67 65 74 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 22 53 75 67 67 4d 6f 64 65 22 29 3b 74 68 69 73 2e 69 73 4e 65 78 74 57 6f 72 64 41 53 4d 6f 64 65 3d 22 31 22 3d 3d 3d 74 7d 2c 74 68 69 73 2e 6f 6e 41 75 74 6f 73 75 67 67 65 73 74 53 68 6f 77 6e
                                                                                                                                                                                                                                                                                                          Data Ascii: ownScrollHappened=!1,this.firstClickLog=!1,this.firstKeyPressLog=!1,this.bingUpsellFocused=!1,this.trendingSearchesRequested=!1,this.onAutosuggestRendered=e=>{const t=e.target.getAttribute("SuggMode");this.isNextWordASMode="1"===t},this.onAutosuggestShown
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:18 UTC16384INData Raw: 30 30 30 30 36 30 30 30 0d 0a 6f 70 65 26 26 22 6b 69 64 73 22 3d 3d 3d 73 2e 6a 47 2e 43 75 72 72 65 6e 74 52 65 71 75 65 73 74 54 61 72 67 65 74 53 63 6f 70 65 2e 61 75 64 69 65 6e 63 65 4d 6f 64 65 3b 21 30 3d 3d 3d 74 68 69 73 2e 6f 70 74 69 6f 6e 73 2e 65 6e 61 62 6c 65 57 65 62 41 50 49 53 75 67 67 65 74 69 6f 6e 26 26 21 6e 26 26 21 74 68 69 73 2e 69 73 4d 6f 62 69 6c 65 28 29 26 26 21 74 68 69 73 2e 69 73 54 61 62 6c 65 74 28 29 26 26 74 68 69 73 2e 6f 70 74 69 6f 6e 73 2e 65 6e 61 62 6c 65 4d 53 4e 53 75 67 67 65 73 74 69 6f 6e 73 26 26 74 68 69 73 2e 6f 70 74 69 6f 6e 73 2e 65 6e 61 62 6c 65 4d 53 4e 53 75 67 67 65 73 74 69 6f 6e 73 3e 30 3f 31 3d 3d 3d 74 68 69 73 2e 6f 70 74 69 6f 6e 73 2e 65 6e 61 62 6c 65 4d 53 4e 53 75 67 67 65 73 74 69 6f
                                                                                                                                                                                                                                                                                                          Data Ascii: 00006000ope&&"kids"===s.jG.CurrentRequestTargetScope.audienceMode;!0===this.options.enableWebAPISuggetion&&!n&&!this.isMobile()&&!this.isTablet()&&this.options.enableMSNSuggestions&&this.options.enableMSNSuggestions>0?1===this.options.enableMSNSuggestio
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:18 UTC8204INData Raw: 6c 69 67 68 74 22 2c 76 6f 69 64 20 30 29 2c 28 30 2c 6f 2e 67 6e 29 28 5b 77 2e 6c 6b 5d 2c 50 2e 70 72 6f 74 6f 74 79 70 65 2c 22 67 65 74 50 6c 61 63 65 68 6f 6c 64 65 72 22 2c 6e 75 6c 6c 29 2c 28 30 2c 6f 2e 67 6e 29 28 5b 77 2e 6c 6b 5d 2c 50 2e 70 72 6f 74 6f 74 79 70 65 2c 22 65 6e 61 62 6c 65 53 65 61 72 63 68 53 75 67 67 65 73 74 69 6f 6e 47 68 6f 73 74 54 65 6d 70 6c 61 74 65 22 2c 6e 75 6c 6c 29 2c 50 3d 28 30 2c 6f 2e 67 6e 29 28 5b 79 2e 62 5d 2c 50 29 3b 76 61 72 20 49 3d 6e 28 35 30 36 33 32 29 2c 41 3d 6e 28 34 30 33 37 38 29 2c 52 3d 6e 28 39 35 38 29 2c 4c 3d 6e 28 32 37 34 36 30 29 2c 24 3d 6e 28 37 34 34 34 39 29 2c 4d 3d 6e 28 34 32 36 38 39 29 2c 45 3d 6e 28 32 36 37 33 38 29 2c 42 3d 6e 28 33 38 34 39 32 29 2c 6a 3d 6e 28 35 33 31
                                                                                                                                                                                                                                                                                                          Data Ascii: light",void 0),(0,o.gn)([w.lk],P.prototype,"getPlaceholder",null),(0,o.gn)([w.lk],P.prototype,"enableSearchSuggestionGhostTemplate",null),P=(0,o.gn)([y.b],P);var I=n(50632),A=n(40378),R=n(958),L=n(27460),$=n(74449),M=n(42689),E=n(26738),B=n(38492),j=n(531
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:18 UTC16384INData Raw: 30 30 30 30 34 30 30 30 0d 0a 74 68 3a 32 34 70 78 3b 68 65 69 67 68 74 3a 32 34 70 78 3b 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 36 70 78 3b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 7d 2e 64 65 65 70 2d 73 65 61 72 63 68 2d 62 74 6e 20 23 62 5f 73 68 5f 62 74 6e 5f 74 65 78 74 7b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 32 34 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 7d 60 2e 77 69 74 68 42 65 68 61 76 69 6f 72 73 28 28 30 2c 48 2e 55 75 29 28 4f 2e 69 60 20 2e 64 65 65 70 2d 73 65 61 72 63 68 2d 62 74 6e 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 34 61 34 61 34 61 3b 63 6f 6c 6f 72 3a 23 61 32 62 37 66 34 7d 2e 64 65 65 70 2d 73 65 61 72 63 68 2d 62 74 6e 20 23 62 5f 73 68 5f 62 74 6e 5f 69 73 70 72 74 7b 62 61 63 6b 67 72 6f 75 6e 64
                                                                                                                                                                                                                                                                                                          Data Ascii: 00004000th:24px;height:24px;margin-right:6px;display:inline-block}.deep-search-btn #b_sh_btn_text{line-height:24px;font-size:14px}`.withBehaviors((0,H.Uu)(O.i` .deep-search-btn{background:#4a4a4a;color:#a2b7f4}.deep-search-btn #b_sh_btn_isprt{background
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:18 UTC12INData Raw: 65 28 29 29 7d 60 2c 59 65 3d 0d 0a
                                                                                                                                                                                                                                                                                                          Data Ascii: e())}`,Ye=
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:18 UTC16384INData Raw: 30 30 30 30 34 30 30 30 0d 0a 76 65 2e 64 79 60 24 7b 65 3d 3e 65 2e 73 65 61 72 63 68 42 75 74 74 6f 6e 4f 6e 4c 65 66 74 26 26 33 3d 3d 3d 65 2e 73 65 61 72 63 68 49 63 6f 6e 54 72 65 61 74 6d 65 6e 74 3f 71 65 3a 21 65 2e 73 65 61 72 63 68 42 75 74 74 6f 6e 4f 6e 4c 65 66 74 7c 7c 31 21 3d 3d 65 2e 73 65 61 72 63 68 49 63 6f 6e 54 72 65 61 74 6d 65 6e 74 26 26 32 21 3d 3d 65 2e 73 65 61 72 63 68 49 63 6f 6e 54 72 65 61 74 6d 65 6e 74 3f 65 2e 73 65 61 72 63 68 49 63 6f 6e 3f 4a 65 3a 51 65 3a 4b 65 7d 60 2c 58 65 3d 76 65 2e 64 79 60 3c 66 6c 75 65 6e 74 2d 62 75 74 74 6f 6e 20 63 6c 61 73 73 3d 22 73 65 61 72 63 68 2d 62 74 6e 22 20 70 61 72 74 3d 22 62 75 74 74 6f 6e 22 20 74 69 74 6c 65 3d 24 7b 65 3d 3e 65 2e 6f 70 74 69 6f 6e 73 26 26 65 2e 6f 70
                                                                                                                                                                                                                                                                                                          Data Ascii: 00004000ve.dy`${e=>e.searchButtonOnLeft&&3===e.searchIconTreatment?qe:!e.searchButtonOnLeft||1!==e.searchIconTreatment&&2!==e.searchIconTreatment?e.searchIcon?Je:Qe:Ke}`,Xe=ve.dy`<fluent-button class="search-btn" part="button" title=${e=>e.options&&e.op
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:18 UTC12INData Raw: 46 46 46 46 7d 7d 24 7b 75 2e 0d 0a
                                                                                                                                                                                                                                                                                                          Data Ascii: FFFF}}${u.
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:18 UTC16384INData Raw: 30 30 30 30 34 30 30 30 0d 0a 66 31 7d 20 40 6d 65 64 69 61 20 28 66 6f 72 63 65 64 2d 63 6f 6c 6f 72 73 3a 61 63 74 69 76 65 29 7b 2e 61 64 2d 73 6c 75 67 20 2e 61 64 2d 6c 61 62 65 6c 2c 2e 24 7b 28 30 2c 67 2e 6c 6a 29 28 22 2e 61 64 2d 73 6c 75 67 22 29 7d 20 2e 24 7b 28 30 2c 67 2e 6c 6a 29 28 22 2e 61 64 2d 6c 61 62 65 6c 22 29 7d 7b 62 6f 72 64 65 72 3a 30 2e 35 70 78 20 73 6f 6c 69 64 20 62 75 74 74 6f 6e 74 65 78 74 3b 6f 70 61 63 69 74 79 3a 31 7d 2e 61 64 2d 73 6c 75 67 20 2e 61 64 2d 6c 61 62 65 6c 2d 74 65 78 74 2c 2e 24 7b 28 30 2c 67 2e 6c 6a 29 28 22 2e 61 64 2d 73 6c 75 67 22 29 7d 20 2e 24 7b 28 30 2c 67 2e 6c 6a 29 28 22 2e 61 64 2d 6c 61 62 65 6c 2d 74 65 78 74 22 29 7d 7b 63 6f 6c 6f 72 3a 62 75 74 74 6f 6e 74 65 78 74 3b 6f 70 61 63
                                                                                                                                                                                                                                                                                                          Data Ascii: 00004000f1} @media (forced-colors:active){.ad-slug .ad-label,.${(0,g.lj)(".ad-slug")} .${(0,g.lj)(".ad-label")}{border:0.5px solid buttontext;opacity:1}.ad-slug .ad-label-text,.${(0,g.lj)(".ad-slug")} .${(0,g.lj)(".ad-label-text")}{color:buttontext;opac
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:18 UTC12INData Raw: 74 69 6f 6e 26 26 65 2e 62 65 0d 0a
                                                                                                                                                                                                                                                                                                          Data Ascii: tion&&e.be


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                          141192.168.2.549934142.251.35.1614434744C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:17 UTC594OUTGET /crx/blobs/AW50ZFsLPhJJyx_4ShcDOgcEpJeOc7Vr0kMzfFRoaMfWx4pAgZ0UGF2i9_ei1A7FAHQ-EPFULeBn7F8_SEKhjbpEyKfiidX7GF_6BDOycMeg5w03wjwVQ61hkaEix8WFqmEAxlKa5cmz_tdFr9JtRwdqRu82wmLe2Ghe/GHBMNNJOOEKPMOECNNNILNNBDLOLHKHI_1_84_1_0.crx HTTP/1.1
                                                                                                                                                                                                                                                                                                          Host: clients2.googleusercontent.com
                                                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                          Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:18 UTC573INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          Content-Length: 138356
                                                                                                                                                                                                                                                                                                          X-GUploader-UploadID: AFiumC5o3EfmoRX5Dz29nH_MZkIFgttqo2Rx3ejj7psa_ZmmzABSQ5xLGC8juD5CKGCT_JT3gE9JKpUQMg
                                                                                                                                                                                                                                                                                                          X-Goog-Hash: crc32c=ld9IFg==
                                                                                                                                                                                                                                                                                                          Server: UploadServer
                                                                                                                                                                                                                                                                                                          Date: Thu, 21 Nov 2024 16:45:00 GMT
                                                                                                                                                                                                                                                                                                          Expires: Fri, 21 Nov 2025 16:45:00 GMT
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=31536000
                                                                                                                                                                                                                                                                                                          Age: 70158
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 19 Nov 2024 16:44:49 GMT
                                                                                                                                                                                                                                                                                                          ETag: 2373c8b9_cba0b209_e851cacf_d4df989e_81c52a41
                                                                                                                                                                                                                                                                                                          Content-Type: application/x-chrome-extension
                                                                                                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:18 UTC817INData Raw: 43 72 32 34 03 00 00 00 e0 15 00 00 12 ac 04 0a a6 02 30 82 01 22 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 82 01 0f 00 30 82 01 0a 02 82 01 01 00 9c 5e d1 18 b0 31 22 89 f4 fd 77 8d 67 83 0b 74 fd c3 32 4a 0e 47 31 00 29 58 34 b1 bf 3d 26 90 3f 5b 6a 2c 4c 7a fd d5 6a b0 75 cf 65 5b 49 85 71 2a 42 61 2f 58 dd ee dc 50 c1 68 fc cd 84 4c 04 88 b9 99 dc 32 25 33 5f 6f f4 ae b5 ad 19 0d d4 b8 48 f7 29 27 b9 3d d6 95 65 f8 ac c8 9c 3f 15 e6 ef 1f 08 ab 11 6a e1 a9 c8 33 55 48 fd 7c bf 58 8c 4d 06 e3 97 75 cc c2 9c 73 5b a6 2a f2 ea 3f 24 f3 9c db 8a 05 9f 46 25 11 1d 18 b4 49 08 19 94 80 29 08 f2 2c 2d c0 2f 90 65 35 29 a6 66 83 e7 4f e4 b2 71 14 5e ff 90 92 01 8d d3 bf ca a0 d0 39 a0 08 28 e3 d2 5f d5 70 68 32 fe 10 5e d5 59 42 50 58 66 5f 38 cc 0b 08
                                                                                                                                                                                                                                                                                                          Data Ascii: Cr240"0*H0^1"wgt2JG1)X4=&?[j,Lzjue[Iq*Ba/XPhL2%3_oH)'=e?j3UH|XMus[*?$F%I),-/e5)fOq^9(_ph2^YBPXf_8
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:18 UTC1390INData Raw: 5f b2 be 56 5f e7 71 3a 5f 86 5f 7f f9 35 7d d5 75 53 5c 9b ff 18 eb af ff 78 3f ab fa d7 9f 7e 5d cf 1f 43 2d ff b3 ba 0c 53 3d 4c bf fe f2 f7 5f 63 f1 50 97 42 ea cf d7 8f b0 2d 4d db 10 dc 36 32 b3 69 2a b3 51 d5 e3 f8 c4 ad eb 39 ef e7 ef dc 9c de 2b 53 3d 89 f4 f8 84 0e 2f 36 3a df cf c2 57 83 c8 90 71 6c 2f 67 fd f9 26 6a a9 79 fc f9 7b af ae 22 8b ce b1 9a fe 7c 1c dc 46 fa 1f e7 f8 7c 9c a3 f6 e3 56 f9 f6 f0 f3 99 aa 77 be 25 74 2e 79 86 2e 3f df 17 26 e2 e2 61 cc 9c 7f 3c d2 6e c2 88 c1 89 f6 53 2b 7c d4 17 3d 05 72 61 c7 0a 84 08 01 b1 27 7d f8 28 82 70 57 fb c2 16 8f d0 39 05 d7 73 e5 43 a3 d8 1f 9f 8e ca b9 96 26 6a 4a 9f 2d 27 13 f6 27 13 a8 ca 42 8d 30 f5 75 3f 2e a5 b9 3b 9f f6 e1 a3 34 9d 7f cf f3 e7 d9 c2 b9 f0 d4 c0 ac e6 90 42 86 4e 5c
                                                                                                                                                                                                                                                                                                          Data Ascii: _V_q:__5}uS\x?~]C-S=L_cPB-M62i*Q9+S=/6:Wql/g&jy{"|F|Vw%t.y.?&a<nS+|=ra'}(pW9sC&jJ-''B0u?.;4BN\
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:18 UTC1390INData Raw: 8e b5 a1 c8 fb ee 81 60 65 eb 98 45 ab ec b5 f7 df 38 3e ce 17 36 8b 4c d7 7b 85 4d 64 18 16 65 b0 90 1e f2 cb 03 4c 8a 00 e1 48 79 96 ec 9b 3d f6 a0 d6 80 10 57 0f 10 60 43 7e af 8e 3f 1c b7 7a ee 1d 59 c2 29 1a 94 12 c6 ec 9e 28 ba 47 74 ea a9 92 fb f2 20 bd f4 20 c3 8a 8a 04 03 ec 56 83 d6 68 aa f5 88 d1 39 0a d6 d7 be fa 7f 68 70 d5 e2 31 37 1a 25 03 f1 55 98 2a 4b bd 68 22 81 eb 25 ad 18 84 19 e6 b8 d7 a1 60 b9 67 e1 89 9c f6 e2 ad 52 d0 c5 a6 dc ad e7 9e dc ca 7f d2 3e 77 87 7d e1 a1 a5 e9 a4 17 9a 04 c0 1e 05 42 14 c6 78 22 8b d6 00 1f f3 28 78 31 13 f3 7e 67 01 4e 72 8a 0f 75 ff 71 5f e5 6f 6d cd bd d1 43 0a 76 99 35 be 4a e5 2d 31 6c 3a 02 10 c5 56 13 ea 1e 23 15 1d 58 74 af 43 75 3d f0 13 03 bc 22 a2 fc ca 82 66 b9 ee fd 2e c5 46 f6 b8 53 d7 bc
                                                                                                                                                                                                                                                                                                          Data Ascii: `eE8>6L{MdeLHy=W`C~?zY)(Gt Vh9hp17%U*Kh"%`gR>w}Bx"(x1~gNruq_omCv5J-1l:V#XtCu="f.FS
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:18 UTC1390INData Raw: eb 3e aa 67 36 b6 c2 7d dd cf 6f 71 6a 3c aa 40 7e 15 06 ce 18 81 87 14 8e b0 58 44 27 7a dd 77 ac b1 b7 dc 66 ab cf 89 e9 ce a6 3c ec 05 3f 02 02 d8 27 ea 46 4f 70 bb e1 2d 44 84 4e 09 f6 ed 1b e9 1b c5 3d 68 a6 0c d9 75 0f 3f b1 8e cd 35 f6 95 bf 91 bd 1a 69 d1 42 51 b5 ee b9 e2 ce 89 50 6c 26 16 de 89 5e bc e6 c4 fd 26 da f5 e3 ce 69 10 77 1e cc c8 01 e9 9e 41 6a 55 a0 38 bc ac b1 bf 6b be 7b ba 51 77 aa c0 9b 05 fc b0 44 37 6a e6 e1 c0 0e 78 4a 7b 14 13 4f eb 10 ed ee 3f fb 8d c4 1f af b9 25 7e f2 af cb 87 f0 11 f9 c7 c7 ff c1 df c8 80 4b b7 c6 3f 03 ce 51 66 ae c1 bd e9 35 31 9c a0 54 88 27 0b eb 52 98 2c 14 76 36 e7 d3 53 74 70 f3 94 48 50 51 74 c1 6a 6c c5 02 57 75 bf ea 37 d6 5c 85 75 ff 1a de 92 f6 c3 8e 3c db 2b f4 fc 0a bf 49 4b a8 ce 14 7e 00
                                                                                                                                                                                                                                                                                                          Data Ascii: >g6}oqj<@~XD'zwf<?'FOp-DN=hu?5iBQPl&^&iwAjU8k{QwD7jxJ{O?%~K?Qf51T'R,v6StpHPQtjlWu7\u<+IK~
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:18 UTC1390INData Raw: 48 3f c7 20 98 a3 4a ae e7 0e 9d 1f 06 63 15 24 ff cb b8 61 7b a2 4e 58 74 c0 4c 09 86 ba 97 48 e8 03 c4 a9 0f ee 35 65 bd 60 e1 21 a1 18 44 a6 bd 68 e1 33 23 9a dc 91 a1 d2 1c 38 bf d3 98 ca 64 0f d9 ab 56 8f 6d 95 56 f8 a5 e3 ec 3d ef d5 2d b3 5c 3d e6 ff 3a fe 0d 19 c0 60 d4 b8 23 8f b9 88 da a3 ee df 88 f6 ec a7 9c 21 9f 2e 21 cc 81 f2 75 fd ed 12 f6 f3 fe 52 6a 9f db f0 a2 fb e9 a7 81 d4 f7 eb f5 58 53 9e 25 3f f7 32 7e 98 ff 3b 96 ae c7 fe 9f e7 2d df ff f0 9c e5 bf be 3b 4a 9f 4d 99 a9 ba 7f 9d 95 6c 74 8c da b7 42 c7 85 e0 d3 bd e4 8e ca 4d fb 56 f6 ea 5a f6 b6 f6 9f f3 77 e9 37 5f 85 df 9d ff fb bb 96 8e e7 01 8d 3f b9 f3 73 16 f3 d4 7e 18 a7 d6 fb f9 ff 5d c7 97 a1 e3 ee bb 84 8e a9 59 2c 05 d7 fa d6 5e e6 f7 e4 df 87 46 8b e9 f6 55 5f 7f fd e5
                                                                                                                                                                                                                                                                                                          Data Ascii: H? Jc$a{NXtLH5e`!Dh3#8dVmV=-\=:`#!.!uRjXS%?2~;-;JMltBMVZw7_?s~]Y,^FU_
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:18 UTC1390INData Raw: 50 3d 5b 7f a3 9a c1 c2 43 a0 f0 9c cf 84 2c dc 6f 77 dd ff 5e 04 27 23 01 db 3b d0 22 fa fd ca c2 00 94 91 17 e4 5e bb e4 28 b3 f2 09 87 4b 75 14 8e e0 c2 6f 3a 13 0a 28 96 4a ee 0a 6a 2c 09 f3 2c c2 e9 23 6a 8c ec 09 a0 e8 96 87 84 d2 68 a5 cd ca f5 ec 0a 46 60 f9 be 7b e8 5e a6 f5 2e a5 46 6e c8 a6 db bc 01 50 4b 07 08 1d fb 12 3a a0 00 00 00 23 01 00 00 50 4b 03 04 14 00 08 08 08 00 00 00 21 00 00 00 00 00 00 00 00 00 00 00 00 00 19 00 2d 00 5f 6c 6f 63 61 6c 65 73 2f 72 6f 2f 6d 65 73 73 61 67 65 73 2e 6a 73 6f 6e 55 54 05 00 01 ca 36 2a 67 0a 00 20 00 00 00 00 00 01 00 18 00 00 41 64 ae 95 2f db 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 8d 52 c1 4e 1c 31 0c bd f3 15 d6 9c 8a 34 a0 65 7b 82 1b 82 55 4f 85 aa 2d 97 aa 17 6f c6 b3 58 ca 38 51
                                                                                                                                                                                                                                                                                                          Data Ascii: P=[C,ow^'#;"^(Kuo:(Jj,,#jhF`{^.FnPK:#PK!-_locales/ro/messages.jsonUT6*g Ad/RN14e{UO-oX8Q
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:18 UTC1390INData Raw: ee 12 87 56 cb 68 4b 0f 6e 3d 2c 91 9f b7 f2 c2 8f 9e 81 ed 64 91 89 5f c8 93 db ec d7 38 3e f4 ec 97 19 5a 11 ad f3 b8 82 28 3a 6c b3 ee 24 e1 50 fb 79 09 cf f1 ad 57 e9 76 70 aa 85 35 32 aa 0a 0f 41 0d 1c 63 cf 15 51 0d 8c 44 97 9c 43 b8 94 04 8f 60 5f 09 e2 4b c0 6e a2 3a 29 12 e1 86 4f 49 97 b9 92 11 e2 5a d6 16 fc 60 20 03 a5 d7 f5 68 06 5f 65 93 9a dd ad 65 97 51 8b ac 05 b4 69 a5 64 30 17 f8 1c 4a 1d 10 6c a0 02 36 20 1b 29 c2 cd 6a e6 f5 e9 55 66 60 81 a8 0e 0c 0c 22 4a e0 41 05 8c 7f 9c 57 46 cf 54 ff 32 7c 7d 9b 6e 4b 1e be a1 2b 8b 2c ea 96 fa 5c 18 5d 04 b1 51 7c 89 a2 45 6d 3a 0b 61 c3 6f a2 78 04 e6 19 c0 10 c1 b2 2f e8 63 ec 0d 6c f9 20 a0 26 d6 8b ea b0 75 64 be 5d fd c4 70 d9 3b b5 ed d4 f1 bc 8d 4d 4a b4 8e 05 bc 1a 18 57 05 34 4d 40 13
                                                                                                                                                                                                                                                                                                          Data Ascii: VhKn=,d_8>Z(:l$PyWvp52AcQDC`_Kn:)OIZ` h_eeQid0Jl6 )jUf`"JAWFT2|}nK+,\]Q|Em:aox/cl &ud]p;MJW4M@
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:18 UTC1390INData Raw: 8f 15 60 c1 98 b9 ab 80 ac 82 c5 04 63 89 63 38 bd 2a 36 1c e9 9a 44 2a 3c 4e 2d ee 92 46 8e 50 dc e3 94 bb f5 61 c2 1d cf 5c 48 24 42 49 6c 12 12 d7 49 d9 ae b5 78 32 3e ee bd 6d 14 36 10 04 42 78 75 49 e8 56 12 9a c0 f8 4e 5b 9e a8 18 48 07 60 fa c4 f3 b8 1c e9 66 42 8d 56 0a 4d 3a 20 57 32 60 3d 87 5b 12 2d 22 e5 44 56 25 e1 21 a6 58 0d e8 46 f5 04 83 06 0e 87 28 fb a4 f0 19 18 b8 02 88 01 7c 80 61 ef 0c 9c e0 24 d3 07 48 c9 09 3f e2 9c 5e e9 89 97 4b 26 3f f6 66 0d 22 cf 03 86 52 31 81 e4 3a 97 fa 54 dc fb b0 49 d9 ef a1 7d 1a 46 e5 77 f4 02 a7 fd a6 7b 35 4f fa 61 2c 0d 6e 07 7a 72 4d 94 18 5d f3 fe 4e 2c 30 9b 6d f6 54 60 d0 58 d4 81 d8 05 43 89 9b 2d 91 75 b1 84 72 e5 82 16 5a a8 d1 8f 71 28 22 a2 ed 69 03 7e 0f 3a 87 3c 26 69 4c 4d 0a 36 d7 c7 a7
                                                                                                                                                                                                                                                                                                          Data Ascii: `cc8*6D*<N-FPa\H$BIlIx2>m6BxuIVN[H`fBVM: W2`=[-"DV%!XF(|a$H?^K&?f"R1:TI}Fw{5Oa,nzrM]N,0mT`XC-urZq("i~:<&iLM6
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:18 UTC1390INData Raw: 3f a2 77 74 f9 39 14 92 6f 30 19 61 42 16 3c c5 8e d8 b3 84 2e 10 d8 71 39 f8 5c 22 7b 60 27 ee 3a 3f 1a 26 6a f5 a8 f2 1f 13 ad 85 fc dd 51 24 58 d5 3c 25 19 9d fa 2b 81 d6 c7 4d 37 fd 9a e2 f2 53 ad 5f c1 c9 b9 41 f8 0f 77 84 84 39 d5 5c 7f 74 b0 dd bb 43 ac e6 be ce d5 bf df bb 77 82 1b a6 ff 9c 05 67 3a 77 fe 7a f2 5d 9a 09 4d 66 b5 8d f8 e6 d8 2d cb 4e 6d ee a3 82 48 7b c6 a8 5d b2 e8 52 97 3d e5 a5 b8 ef 36 ad cf 46 de f8 e7 8e 98 46 5f 0f 08 b5 d5 be 41 c5 77 eb e3 54 28 7a 31 07 87 c9 e3 1b f0 13 22 9f 73 e2 40 ce 5e e0 09 2d 54 01 dc 63 06 df 9b 0e c1 43 bf 5c bc 02 50 4b 07 08 c0 47 8a 9f 88 01 00 00 46 03 00 00 50 4b 03 04 14 00 08 08 08 00 00 00 21 00 00 00 00 00 00 00 00 00 00 00 00 00 19 00 2d 00 5f 6c 6f 63 61 6c 65 73 2f 6b 6d 2f 6d 65 73
                                                                                                                                                                                                                                                                                                          Data Ascii: ?wt9o0aB<.q9\"{`':?&jQ$X<%+M7S_Aw9\tCwg:wz]Mf-NmH{]R=6FF_AwT(z1"s@^-TcC\PKGFPK!-_locales/km/mes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:18 UTC1390INData Raw: c1 c2 b3 df 74 6f 40 46 69 27 57 e6 ee 9e df fa e6 7c 6c 22 ff dc fc cd 83 bf 84 75 53 df fb 95 fb e0 a6 5b e2 f7 c1 5f 87 cb 78 0d a9 ac a4 0c 68 8e 44 f1 68 52 0e 42 cf 48 31 70 61 e4 4c d1 69 c5 a7 46 2f 04 a6 71 7a 9a be 86 7e 9a df 4a 91 d1 b6 e2 f0 34 96 a4 11 21 a4 4d e9 67 b4 5d b3 aa 52 cd 51 3d 41 bb 66 f2 ab fd 2b c2 fc 18 cf 78 47 7c 50 e9 5f 0e f0 9b c4 43 6a 2a f2 42 35 42 84 04 d7 70 02 ab 0d b5 b1 89 32 98 e2 55 e6 4f d6 3f 1c 81 d7 4f df 01 50 4b 07 08 80 81 20 9b 32 02 00 00 f3 0a 00 00 50 4b 03 04 14 00 08 08 08 00 00 00 21 00 00 00 00 00 00 00 00 00 00 00 00 00 19 00 2d 00 5f 6c 6f 63 61 6c 65 73 2f 73 6b 2f 6d 65 73 73 61 67 65 73 2e 6a 73 6f 6e 55 54 05 00 01 ca 36 2a 67 0a 00 20 00 00 00 00 00 01 00 18 00 00 41 64 ae 95 2f db 01 00
                                                                                                                                                                                                                                                                                                          Data Ascii: to@Fi'W|l"uS[_xhDhRBH1paLiF/qz~J4!Mg]RQ=Af+xG|P_Cj*B5Bp2UO?OPK 2PK!-_locales/sk/messages.jsonUT6*g Ad/


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                          142192.168.2.54995213.91.96.1854434744C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:18 UTC734OUTPOST /api/browser/edge/data/toptraffic/3 HTTP/1.1
                                                                                                                                                                                                                                                                                                          Host: data-edge.smartscreen.microsoft.com
                                                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                                                          Content-Length: 746
                                                                                                                                                                                                                                                                                                          Accept: application/octet-stream;application/x-patch-bsdiff;
                                                                                                                                                                                                                                                                                                          Authorization: SmartScreenHash eyJhdXRoSWQiOiI0MWE0MzhiYy0xMjQ5LTQzZDMtYTI2ZC02OWNkNjJjMDgzMTciLCAia2V5IjoiTnNHZFlHZ3hpZTRoQTlLNUtzWW9hdz09IiwgImhhc2giOiJLMkJiWXdVUEVOdz0ifQ==
                                                                                                                                                                                                                                                                                                          Content-Type: application/json; charset=utf-8
                                                                                                                                                                                                                                                                                                          If-None-Match: "170540185939602997400506234197983529371"
                                                                                                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:18 UTC746OUTData Raw: 7b 22 69 64 65 6e 74 69 74 79 22 3a 7b 22 75 73 65 72 22 3a 7b 22 6c 6f 63 61 6c 65 22 3a 22 65 6e 2d 47 42 22 7d 2c 22 64 65 76 69 63 65 22 3a 7b 22 69 64 22 3a 6e 75 6c 6c 2c 22 63 75 73 74 6f 6d 49 64 22 3a 6e 75 6c 6c 2c 22 6f 6e 6c 69 6e 65 49 64 54 69 63 6b 65 74 22 3a 6e 75 6c 6c 2c 22 66 61 6d 69 6c 79 22 3a 33 2c 22 6c 6f 63 61 6c 65 22 3a 22 65 6e 2d 47 42 22 2c 22 6f 73 56 65 72 73 69 6f 6e 22 3a 22 31 30 2e 30 2e 31 39 30 34 35 2e 32 30 30 36 2e 76 62 5f 72 65 6c 65 61 73 65 22 2c 22 62 72 6f 77 73 65 72 22 3a 7b 22 69 6e 74 65 72 6e 65 74 5f 65 78 70 6c 6f 72 65 72 22 3a 22 39 2e 31 31 2e 31 39 30 34 31 2e 30 22 7d 2c 22 6e 65 74 4a 6f 69 6e 53 74 61 74 75 73 22 3a 32 2c 22 65 6e 74 65 72 70 72 69 73 65 22 3a 7b 7d 2c 22 63 6c 6f 75 64 53 6b
                                                                                                                                                                                                                                                                                                          Data Ascii: {"identity":{"user":{"locale":"en-GB"},"device":{"id":null,"customId":null,"onlineIdTicket":null,"family":3,"locale":"en-GB","osVersion":"10.0.19045.2006.vb_release","browser":{"internet_explorer":"9.11.19041.0"},"netJoinStatus":2,"enterprise":{},"cloudSk
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:19 UTC252INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:14:18 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                                                          Content-Length: 460992
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Server: Kestrel
                                                                                                                                                                                                                                                                                                          ETag: "638004170464094982"
                                                                                                                                                                                                                                                                                                          Request-Context: appId=cid-v1:3d5e3eff-de07-43c3-a15d-06b05ff513c8
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:19 UTC16132INData Raw: 00 01 b7 32 6c 49 bd 35 18 3c 43 00 3b d3 7b 9a 00 08 16 f5 5f 2b 6a 45 e7 a6 60 9a c2 7d 9c 16 00 0c 2d 9e cc 04 23 e9 41 f4 82 16 a9 4b 52 db 00 0c 6c e3 4d 30 2c 73 87 bc fb 29 94 39 d4 c2 00 0c b4 d9 e2 eb e5 8f d8 b5 78 ca fa c6 82 9e 00 0c da 46 f1 62 1d cd 1e ab c5 cd 6a 55 ed dc 00 0e 79 d2 8a 68 27 a0 d5 e5 e5 89 bf 4c 3c 1f 00 12 2a 1f c4 5a 99 f8 2a 25 e9 2a 92 1a f6 5f 00 14 b2 67 12 34 79 75 12 bc d6 99 a8 99 1c cc 00 14 c8 bf 10 27 63 3d b9 cd 49 30 99 bf d3 a1 00 17 f8 9d 81 a3 94 71 57 f8 bf 3c 3a 4e ba d2 00 1a 3c bc a6 55 f9 2c 4d 69 94 e9 c9 5f b9 8c 00 1f 17 b3 27 28 0e f5 55 df 39 10 21 05 ce 96 00 1f bc ff bf d8 75 92 d1 13 89 37 0b 86 dc 34 00 20 98 bc 45 61 f8 b8 0d 34 2e 2b fb 37 39 6b 00 21 54 ca 2d 35 57 fb 9f 21 b8 d7 9a 40 2b
                                                                                                                                                                                                                                                                                                          Data Ascii: 2lI5<C;{_+jE`}-#AKRlM0,s)9xFbjUyh'L<*Z*%*_g4yu'c=I0qW<:N<U,Mi_'(U9!u74 Ea4.+79k!T-5W!@+
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:19 UTC16384INData Raw: b8 6c 65 b5 81 d7 e8 96 a2 f6 fb f5 08 e9 4a 27 41 5a ef 9e 20 88 b1 dd 92 43 f1 c7 08 f6 31 2a b4 6b b0 d0 7b af f2 6e c0 3b 30 49 08 f7 14 46 2e c2 8e a1 9b 56 f6 89 ff 89 a1 a1 08 f8 86 49 94 74 f7 df c7 92 d3 f1 d5 09 db a4 08 f9 bb 85 2c 48 b7 6a b2 fe 9c 06 4c 91 ba af 08 fb 12 e5 67 95 f2 51 95 31 42 c4 14 92 6c 77 08 fb aa 20 c5 0c 96 4a 9a 6f 2e 40 d4 2b fd 90 08 fe aa 92 f9 b3 b3 8f b8 65 27 9b b9 df 14 f7 09 00 34 db 44 0d dd 66 70 53 8f 0b 31 18 8b ba 09 05 38 28 fa 80 5f eb 56 83 46 d1 dd 83 34 b7 09 06 35 0d 42 c1 3f 91 ee 97 ed f4 31 68 37 32 09 08 35 c9 14 24 10 2f b5 80 ac f7 9a 16 e6 e2 09 08 7a 82 38 a3 08 0b 00 2c 62 9c d0 2e d2 c4 09 09 d1 da a7 a8 16 cd 89 e5 ac fe b9 cc 8e 69 09 0e 20 d3 38 58 e2 6b 84 a1 e7 75 97 ad 75 61 09 0e 4d
                                                                                                                                                                                                                                                                                                          Data Ascii: leJ'AZ C1*k{n;0IF.VIt,HjLgQ1Blw Jo.@+e'4DfpS18(_VF45B?1h725$/z8,b.i 8XkuuaM
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:19 UTC16384INData Raw: 88 ca 0d 74 ff b7 03 d5 0b 17 29 2e 12 86 39 8d 65 51 d1 6b 43 f6 37 a6 5e 4e 7e d5 12 8c a6 4c a1 b4 9a f4 6b 69 49 eb 0d 33 90 eb 12 8f 60 36 ec 98 cd 7f 6a 59 fe c5 d1 d5 4b 38 12 92 da 96 3e 8a fd ee fb c5 ac d0 29 b4 8e 13 12 95 25 87 d8 33 f2 c0 16 e8 0f 63 67 d6 78 d1 12 96 03 01 99 d8 95 ea 2c 0a f8 85 62 05 db 93 12 96 52 aa 59 60 de e6 e9 8c 23 d4 b7 c1 34 3d 12 96 bf ae d0 b9 c2 92 db f1 41 07 61 b1 82 5d 12 97 53 89 b5 7c fd 88 82 19 c7 b1 b0 0f af ed 12 98 30 32 6a a5 03 4e 26 db 95 be 1b a9 a3 e2 12 9a ea fe 35 92 c8 f4 3b 7a 18 36 80 cb 78 bf 12 9b 33 a3 9e d9 7b 54 c8 7b da 3b ed a8 dd 25 12 9b 98 d3 83 cc 49 8e 52 58 13 7e 3f 04 d9 af 12 9c 0d 11 dc 93 65 32 c4 f0 f6 a9 12 25 13 25 12 9c 28 31 10 8a f9 38 40 df 1f 08 9f 08 d4 71 12 9f 71
                                                                                                                                                                                                                                                                                                          Data Ascii: t).9eQkC7^N~LkiI3`6jYK8>)%3cgx,bRY`#4=Aa]S|02jN&5;z6x3{T{;%IRX~?e2%%(18@qq
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:19 UTC16384INData Raw: 8c e6 1b 88 d1 53 7d a1 f2 bc f6 d3 1b bd 38 be aa 88 bb f2 1c 05 de ac 2c b3 63 c3 1b bf d8 bc e5 a8 4c 42 a1 5e 7d 76 56 07 18 dd 1b c1 05 6e 7a a0 f3 27 8e eb 4f 29 e6 e0 a0 2a 1b c2 a1 45 60 4f 19 d0 fa 94 66 c2 31 56 e0 ac 1b c3 58 61 04 7c 91 76 1b 27 0c 2e 05 4d 26 17 1b c4 0f 81 e0 48 ff 13 e9 e7 fd ae 77 76 47 85 1b c5 d5 9a 68 ef 46 53 52 de 8b 1c 3a 7b 4f 53 1b cc c2 c4 df 4d dc 18 9f 1a a6 aa 47 f5 9f 2e 1b cd 8c 32 11 55 08 6c 9c 2f 0b 09 34 58 ca d2 1b cf 2c 48 15 0b dd b9 a9 cc 90 e8 14 76 e1 c7 1b d1 50 e1 1f 03 b2 ff 0f ab b3 c3 a2 cf c2 1a 1b d6 7a 97 41 b9 a0 2a 37 7b ba 9a 0a 00 47 56 1b da a2 08 31 23 96 3c 24 0a b0 10 2f 5e b6 c3 1b dc 15 6b ce f9 b8 64 db f8 fb 84 2a d6 02 9b 1b dc 58 1e e3 44 3f fb c2 e7 7f 97 d4 41 5f 1c 1b dc 83
                                                                                                                                                                                                                                                                                                          Data Ascii: S}8,cLB^}vVnz'O)*E`Of1VXa|v'.M&HwvGhFSR:{OSMG.2Ul/4X,HvPzA*7{GV1#<$/^kd*XD?A_
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:19 UTC16384INData Raw: 9c f0 8f 05 68 32 cf 23 af 0f e9 31 25 17 e2 83 8c a0 e0 45 41 22 69 ae 51 16 97 9e 25 19 94 88 65 65 22 da 5c e4 68 67 07 cf 5f 7a 25 1e 6a 2e 6e bf 40 39 a7 91 dd 9f 82 5c b4 be 25 21 01 14 90 ab fe fa c5 d4 0a 62 0b cd 30 e1 25 21 03 7a 48 db 3d 1f b8 bc 66 91 12 c8 41 7f 25 24 00 6f 09 69 7b 22 bc d0 5a 82 9d c8 cb 00 25 24 76 95 60 1f 20 bf 51 8e ef 43 af 74 27 17 25 24 d0 90 ec 4d 35 f3 3b 75 d1 b6 56 62 63 3e 25 25 bd 14 86 f0 f0 dc 12 c9 55 32 f1 85 66 4f 25 25 de ea a2 0c 7b b9 31 02 c3 fc 10 0f 92 23 25 27 0a 2e 12 37 63 79 36 e7 03 6f 4c 1e 67 7e 25 29 ef 20 dd 60 cb e0 1f 91 82 96 c4 38 ef d3 25 2c 0d 19 1e 65 a3 27 9b 58 e2 44 e3 80 93 37 25 2c e2 18 e3 78 51 0e b2 f9 62 26 e5 78 8f 9f 25 36 84 bd bb 8f cc a6 bc 42 a8 bf 22 b0 f1 a9 25 3a 54
                                                                                                                                                                                                                                                                                                          Data Ascii: h2#1%EA"iQ%ee"\hg_z%j.n@9\%!b0%!zH=fA%$oi{"Z%$v` QCt'%$M5;uVbc>%%U2fO%%{1#%'.7cy6oLg~%) `8%,e'XD7%,xQb&x%6B"%:T
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:19 UTC16384INData Raw: b6 07 8f 44 9d 29 36 4f 29 8a 7d 80 2e 1d 98 b7 c7 17 54 cd a1 2b c2 e9 29 21 98 f9 2e 1f 4a 0d ee 13 3f 5a 00 ff e7 0d f0 d4 1c 86 2e 21 27 d4 ff 4a 83 22 1e 86 3f 93 6b 62 a1 0e 2e 25 e1 37 a1 70 d4 f6 b3 17 bd e9 dd 8d 2a 44 2e 26 32 0d f4 82 4c f6 14 9e 97 92 23 fa 52 37 2e 2a 40 96 f4 4d 34 89 21 f2 49 39 e8 d3 d3 19 2e 2b ef 39 f1 8a 4a 7e 28 b9 d0 be 00 6f 35 68 2e 2e 95 d3 bd e3 e7 a0 d6 d0 25 5e 0d b7 b5 a5 2e 31 ce 53 a9 54 e0 3b 3c 2f fc 4d eb 0f a5 e1 2e 33 1e 46 e8 3a 01 30 91 17 49 f3 33 11 46 79 2e 36 b7 bb 07 e4 6d 92 d5 42 49 d7 e5 49 f4 85 2e 36 e8 96 57 36 97 bb 40 7a 3b ca 8a e0 7e 53 2e 3a 1e f2 97 75 d6 ae 4f f5 85 eb 36 38 65 e5 2e 3a 59 df c9 6e 75 92 ac 40 ac 59 a6 fd e4 1c 2e 3b 8e 5c 94 1d 75 39 54 06 13 6b 6e 7f ef 30 2e 43 e8
                                                                                                                                                                                                                                                                                                          Data Ascii: D)6O)}.T+)!.J?Z.!'J"?kb.%7p*D.&2L#R7.*@M4!I9.+9J~(o5h..%^.1ST;</M.3F:0I3Fy.6mBII.6W6@z;~S.:uO68e.:Ynu@Y.;\u9Tkn0.C
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:19 UTC16384INData Raw: 02 f3 ca e4 05 cb a0 be 15 69 62 32 37 3c 37 3b db 81 8a b2 df cf ef b1 79 3f f8 ae 37 3d a3 01 e8 95 76 a1 63 78 77 2e 93 42 3d 4f 37 3e c4 08 a5 37 4f 84 43 dc 19 00 a9 8f 2e 0d 37 3f 82 55 cb cd 06 b9 0c 0d 94 f9 4f d6 82 e8 37 44 09 28 b8 33 ef b7 ee 6b 4c 90 ee e0 d1 3a 37 44 83 9a 56 2d 6a 58 ea 6b e5 8f 6a 1d 17 23 37 47 0f 55 f8 2b 1c 30 89 3a 1d e2 21 89 b7 42 37 4b 86 38 d0 cd 9f 96 62 d8 da bf d5 15 ed cb 37 4e 81 34 2b 0e ea ab 6f ae 29 15 59 32 ae 46 37 50 d2 0c 2a e2 ca 59 ec 21 86 70 f9 7a 6c d1 37 55 32 b2 91 f0 e7 b8 47 d0 f7 0f 64 90 d9 51 37 56 ce 44 24 61 58 d7 f8 d4 0d 8b fe 3d b0 27 37 58 1f 24 d2 a5 24 9c d7 5c 5a 71 f9 e9 f2 a3 37 58 9d d0 f0 06 3a 05 be 08 d9 90 bc 18 0d 71 37 5d 04 71 81 05 8e b6 9b 24 f2 54 35 1b 18 46 37 62 eb
                                                                                                                                                                                                                                                                                                          Data Ascii: ib27<7;y?7=vcxw.B=O7>7OC.7?UO7D(3kL:7DV-jXkj#7GU+0:!B7K8b7N4+o)Y2F7P*Y!pzl7U2GdQ7VD$aX='7X$$\Zq7X:q7]q$T5F7b
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:19 UTC16384INData Raw: 30 9b b9 2f 98 88 40 3b cc 98 d2 59 40 6d c4 d7 67 2a f1 8a f6 d5 d3 92 a9 c6 13 1d 40 71 5f 29 26 14 e2 86 f2 b1 3c d6 fc 07 07 4a 40 77 d4 86 06 be 80 6f b2 fd e4 19 fe 6b 6a 94 40 78 4d f5 b9 67 58 78 83 29 63 04 29 22 98 8d 40 7a 85 3f 10 18 78 19 d3 be 45 8d 0e 49 7b bb 40 7b 5d c5 55 97 e5 9d 35 9d 27 93 51 1d be 21 40 7d 42 88 f1 ca 9d ba 2a 28 3a f8 72 71 ba c7 40 7e 4d cf f4 13 b8 8f f1 9c e6 e4 a8 50 74 d0 40 80 bb 51 db 04 52 b7 b2 f3 5f dc db 6d 4b de 40 88 e2 91 a0 6c 67 8c d2 0b 9f d2 91 ca 6d 22 40 8a b9 d3 6a f9 07 64 05 ea 52 dc 44 82 0b 38 40 8b 54 ce 67 df 8c a3 48 2d 96 f6 ed e4 cf 78 40 8e 78 fd f9 d7 db ac 12 a0 80 27 db 9f 14 42 40 90 00 78 66 ff 66 2b 58 9f 18 13 aa 3d 6e b3 40 90 fa a1 0b 8e ee 2b 73 4b 59 c6 c9 b1 84 9b 40 93 53
                                                                                                                                                                                                                                                                                                          Data Ascii: 0/@;Y@mg*@q_)&<J@wokj@xMgXx)c)"@z?xEI{@{]U5'Q!@}B*(:rq@~MPt@QR_mK@lgm"@jdRD8@TgH-x@x'B@xff+X=n@+sKY@S
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:19 UTC16384INData Raw: 66 82 7d 26 60 5e 84 ec 72 2a af 39 49 bb 12 c2 0a 6a 68 a1 f1 aa 3c 93 f9 79 13 0e 49 bb 81 dd 8c 7e 5d 19 6b 54 60 33 c1 1e 70 56 49 bc df 84 ed 14 a3 5d 07 06 25 84 6a 95 02 e0 49 bd eb 48 24 83 1e f1 e0 29 fe 9e e6 22 da 07 49 c1 2d 65 e8 79 f6 32 c8 9b 5b 3f 1a a8 9d b9 49 c4 33 af 97 7a e9 a1 ba ed 12 d0 a3 40 1e 42 49 c5 09 f1 9f 2c bb 61 75 14 cf 80 9c 0e 85 9e 49 c8 81 16 cb ae 60 54 25 eb 75 fe e4 b5 16 8c 49 cc 62 7c 10 80 46 f7 71 86 18 7b bd ea 45 5f 49 cd ad e9 e7 ee e9 a2 7e 24 2e 10 93 70 b0 ad 49 d1 bc ac 01 05 b1 9b be b4 f8 4e e6 0c 0d ac 49 d2 4b be 25 0a bd 70 d0 f7 10 c2 d7 38 8b f2 49 d4 c5 71 4c 7f 7a 2a 83 c3 c3 50 d2 c2 4c 3e 49 d5 40 eb ee b7 40 f4 16 fe b4 e7 35 d0 25 e3 49 d6 e7 89 68 04 ba a1 f5 37 3f 51 0a 5e cc 25 49 da b4
                                                                                                                                                                                                                                                                                                          Data Ascii: f}&`^r*9Ijh<yI~]kT`3pVI]%jIH$)"I-ey2[?I3z@BI,auI`T%uIb|Fq{E_I~$.pINIK%p8IqLz*PL>I@@5%Ih7?Q^%I


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          143192.168.2.54995513.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:19 UTC192OUTGET /rules/rule701050v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:19 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:14:19 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 1362
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:28:03 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BEB256F43"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 1a99a412-f01e-0099-613c-3c9171000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121419Z-174c587ffdfx984chC1TEB676g00000001dg000000007r4c
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:19 UTC1362INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 30 35 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 52 65 6c 65 61 73 65 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 52 65 6c 65 61 73 65 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701050" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Release" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenRelease" S="Medium" /> <F T="2">


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          144192.168.2.54995413.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:19 UTC192OUTGET /rules/rule701051v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:19 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:14:19 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 1399
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:27:47 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BE1CC18CD"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 21476416-401e-00a3-1c88-3a8b09000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121419Z-178bfbc474bscnbchC1NYCe7eg000000032g00000000999t
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:19 UTC1399INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 30 35 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 52 65 6c 65 61 73 65 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 52 65
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701051" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Release.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenRe


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          145192.168.2.54995613.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:19 UTC192OUTGET /rules/rule702750v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:19 UTC515INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:14:19 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 1366
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:27:54 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BE5B7B174"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: cb244ee5-a01e-003d-2a49-3c98d7000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121419Z-15b8b599d88qw29phC1TEB5zag00000001ag00000000bthk
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:19 UTC1366INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 37 35 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 50 75 62 6c 69 73 68 65 72 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 50 75 62 6c 69 73 68 65 72 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702750" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Publisher" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenPublisher" S="Medium" /> <F T="2


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          146192.168.2.54995913.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:19 UTC192OUTGET /rules/rule702751v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:19 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:14:19 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 1403
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:28:03 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BEB866CDB"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: e8d3758b-d01e-0066-2757-3cea17000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121419Z-15b8b599d88vp97chC1TEB5pzw00000001f00000000031b6
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:19 UTC1403INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 37 35 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 50 75 62 6c 69 73 68 65 72 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702751" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Publisher.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantToken


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                          147192.168.2.54995813.107.246.63443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:19 UTC192OUTGET /rules/rule702301v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                          Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:19 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:14:19 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: text/xml
                                                                                                                                                                                                                                                                                                          Content-Length: 1399
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 09 Apr 2024 00:28:00 GMT
                                                                                                                                                                                                                                                                                                          ETag: "0x8DC582BE976026E"
                                                                                                                                                                                                                                                                                                          x-ms-request-id: 0b679675-f01e-005d-336b-3b13ba000000
                                                                                                                                                                                                                                                                                                          x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                          x-azure-ref: 20241122T121419Z-178bfbc474bh5zbqhC1NYCkdug00000002sg00000000g1m2
                                                                                                                                                                                                                                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:19 UTC1399INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 33 30 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 50 72 6f 6a 65 63 74 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 50 72
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702301" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Project.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenPr


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                          148192.168.2.54996020.190.147.11443
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:19 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                          Content-Type: application/soap+xml
                                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                                                                                                                                                                                                                          Content-Length: 4775
                                                                                                                                                                                                                                                                                                          Host: login.live.com
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:19 UTC4775OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:20 UTC569INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache
                                                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                                                          Content-Type: application/soap+xml; charset=utf-8
                                                                                                                                                                                                                                                                                                          Expires: Fri, 22 Nov 2024 12:13:20 GMT
                                                                                                                                                                                                                                                                                                          P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                                                                                                                                                                                                                          Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                                                                                          x-ms-route-info: C516_BL2
                                                                                                                                                                                                                                                                                                          x-ms-request-id: a6f0146e-1b53-42dd-806c-41b3a3c28231
                                                                                                                                                                                                                                                                                                          PPServer: PPV: 30 H: BL02EPF000276B8 V: 0
                                                                                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                          Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:14:19 GMT
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Content-Length: 11409
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:20 UTC11409INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                          149192.168.2.54996213.91.96.1854434744C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:20 UTC723OUTPOST /api/browser/edge/data/bloomfilter/x/3 HTTP/1.1
                                                                                                                                                                                                                                                                                                          Host: data-edge.smartscreen.microsoft.com
                                                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                                                          Content-Length: 746
                                                                                                                                                                                                                                                                                                          Accept: application/octet-stream;application/x-patch-bsdiff;
                                                                                                                                                                                                                                                                                                          Authorization: SmartScreenHash eyJhdXRoSWQiOiI0MWE0MzhiYy0xMjQ5LTQzZDMtYTI2ZC02OWNkNjJjMDgzMTciLCAia2V5IjoiTnNHZFlHZ3hpZTRoQTlLNUtzWW9hdz09IiwgImhhc2giOiJLMkJiWXdVUEVOdz0ifQ==
                                                                                                                                                                                                                                                                                                          Content-Type: application/json; charset=utf-8
                                                                                                                                                                                                                                                                                                          If-None-Match: "636976985063396749.rel.v2"
                                                                                                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:20 UTC746OUTData Raw: 7b 22 69 64 65 6e 74 69 74 79 22 3a 7b 22 75 73 65 72 22 3a 7b 22 6c 6f 63 61 6c 65 22 3a 22 65 6e 2d 47 42 22 7d 2c 22 64 65 76 69 63 65 22 3a 7b 22 69 64 22 3a 6e 75 6c 6c 2c 22 63 75 73 74 6f 6d 49 64 22 3a 6e 75 6c 6c 2c 22 6f 6e 6c 69 6e 65 49 64 54 69 63 6b 65 74 22 3a 6e 75 6c 6c 2c 22 66 61 6d 69 6c 79 22 3a 33 2c 22 6c 6f 63 61 6c 65 22 3a 22 65 6e 2d 47 42 22 2c 22 6f 73 56 65 72 73 69 6f 6e 22 3a 22 31 30 2e 30 2e 31 39 30 34 35 2e 32 30 30 36 2e 76 62 5f 72 65 6c 65 61 73 65 22 2c 22 62 72 6f 77 73 65 72 22 3a 7b 22 69 6e 74 65 72 6e 65 74 5f 65 78 70 6c 6f 72 65 72 22 3a 22 39 2e 31 31 2e 31 39 30 34 31 2e 30 22 7d 2c 22 6e 65 74 4a 6f 69 6e 53 74 61 74 75 73 22 3a 32 2c 22 65 6e 74 65 72 70 72 69 73 65 22 3a 7b 7d 2c 22 63 6c 6f 75 64 53 6b
                                                                                                                                                                                                                                                                                                          Data Ascii: {"identity":{"user":{"locale":"en-GB"},"device":{"id":null,"customId":null,"onlineIdTicket":null,"family":3,"locale":"en-GB","osVersion":"10.0.19045.2006.vb_release","browser":{"internet_explorer":"9.11.19041.0"},"netJoinStatus":2,"enterprise":{},"cloudSk
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:21 UTC248INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                          Date: Fri, 22 Nov 2024 12:14:20 GMT
                                                                                                                                                                                                                                                                                                          Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                                                          Content-Length: 57
                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                          Server: Kestrel
                                                                                                                                                                                                                                                                                                          ETag: "638343870221005468"
                                                                                                                                                                                                                                                                                                          Request-Context: appId=cid-v1:3d5e3eff-de07-43c3-a15d-06b05ff513c8
                                                                                                                                                                                                                                                                                                          2024-11-22 12:14:21 UTC57INData Raw: 39 00 00 00 0a 00 00 00 6d 75 72 6d 75 72 33 00 0d 00 00 00 e7 00 00 00 0c 00 00 00 2c 4d f0 68 e4 05 e3 5a 14 87 bb 38 10 5c e2 c4 94 3c 26 4c 69 f1 48 99 f4 5b b2 3f 6d
                                                                                                                                                                                                                                                                                                          Data Ascii: 9murmur3,MhZ8\<&LiH[?m


                                                                                                                                                                                                                                                                                                          Statistics

                                                                                                                                                                                                                                                                                                          CPU Usage

                                                                                                                                                                                                                                                                                                          Click to jump to process

                                                                                                                                                                                                                                                                                                          Memory Usage

                                                                                                                                                                                                                                                                                                          Click to jump to process

                                                                                                                                                                                                                                                                                                          High Level Behavior Distribution

                                                                                                                                                                                                                                                                                                          Click to dive into process behavior distribution

                                                                                                                                                                                                                                                                                                          Behavior

                                                                                                                                                                                                                                                                                                          Click to jump to process

                                                                                                                                                                                                                                                                                                          System Behavior

                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                          Target ID:0
                                                                                                                                                                                                                                                                                                          Start time:07:12:59
                                                                                                                                                                                                                                                                                                          Start date:22/11/2024
                                                                                                                                                                                                                                                                                                          Path:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                          Commandline:"C:\Users\user\Desktop\file.exe"
                                                                                                                                                                                                                                                                                                          Imagebase:0x7ff7a0c20000
                                                                                                                                                                                                                                                                                                          File size:13'960'143 bytes
                                                                                                                                                                                                                                                                                                          MD5 hash:2DBF5E00223BD7D14CA7ED7BE362866F
                                                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                          Reputation:low
                                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                          Target ID:2
                                                                                                                                                                                                                                                                                                          Start time:07:13:02
                                                                                                                                                                                                                                                                                                          Start date:22/11/2024
                                                                                                                                                                                                                                                                                                          Path:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                          Commandline:"C:\Users\user\Desktop\file.exe"
                                                                                                                                                                                                                                                                                                          Imagebase:0x7ff7a0c20000
                                                                                                                                                                                                                                                                                                          File size:13'960'143 bytes
                                                                                                                                                                                                                                                                                                          MD5 hash:2DBF5E00223BD7D14CA7ED7BE362866F
                                                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                          Yara matches:
                                                                                                                                                                                                                                                                                                          • Rule: JoeSecurity_TelegramRAT, Description: Yara detected Telegram RAT, Source: 00000002.00000002.3005777212.00000280794C0000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                                          Reputation:low
                                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                          Target ID:3
                                                                                                                                                                                                                                                                                                          Start time:07:13:07
                                                                                                                                                                                                                                                                                                          Start date:22/11/2024
                                                                                                                                                                                                                                                                                                          Path:C:\Windows\System32\cmd.exe
                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                          Commandline:C:\Windows\system32\cmd.exe /c "dxdiag /t C:\Users\user\AppData\Local\Bunny\Info.txt"
                                                                                                                                                                                                                                                                                                          Imagebase:0x7ff653850000
                                                                                                                                                                                                                                                                                                          File size:289'792 bytes
                                                                                                                                                                                                                                                                                                          MD5 hash:8A2122E8162DBEF04694B9C3E0B6CDEE
                                                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                          Reputation:high
                                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                          Target ID:4
                                                                                                                                                                                                                                                                                                          Start time:07:13:07
                                                                                                                                                                                                                                                                                                          Start date:22/11/2024
                                                                                                                                                                                                                                                                                                          Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                          Imagebase:0x7ff6d64d0000
                                                                                                                                                                                                                                                                                                          File size:862'208 bytes
                                                                                                                                                                                                                                                                                                          MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                          Reputation:high
                                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                          Target ID:5
                                                                                                                                                                                                                                                                                                          Start time:07:13:08
                                                                                                                                                                                                                                                                                                          Start date:22/11/2024
                                                                                                                                                                                                                                                                                                          Path:C:\Windows\System32\dxdiag.exe
                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                          Commandline:dxdiag /t C:\Users\user\AppData\Local\Bunny\Info.txt
                                                                                                                                                                                                                                                                                                          Imagebase:0x7ff609880000
                                                                                                                                                                                                                                                                                                          File size:272'384 bytes
                                                                                                                                                                                                                                                                                                          MD5 hash:19AB5AD061BF013EBD012D0682DF37E5
                                                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                          Reputation:low
                                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                          Target ID:6
                                                                                                                                                                                                                                                                                                          Start time:07:13:13
                                                                                                                                                                                                                                                                                                          Start date:22/11/2024
                                                                                                                                                                                                                                                                                                          Path:C:\Windows\System32\drivers\mstee.sys
                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):
                                                                                                                                                                                                                                                                                                          Commandline:
                                                                                                                                                                                                                                                                                                          Imagebase:
                                                                                                                                                                                                                                                                                                          File size:12'288 bytes
                                                                                                                                                                                                                                                                                                          MD5 hash:244C73253E165582DDC43AF4467D23DF
                                                                                                                                                                                                                                                                                                          Has elevated privileges:
                                                                                                                                                                                                                                                                                                          Has administrator privileges:
                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                          Reputation:moderate
                                                                                                                                                                                                                                                                                                          Has exited:false

                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                          Target ID:7
                                                                                                                                                                                                                                                                                                          Start time:07:13:14
                                                                                                                                                                                                                                                                                                          Start date:22/11/2024
                                                                                                                                                                                                                                                                                                          Path:C:\Windows\System32\drivers\mskssrv.sys
                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):
                                                                                                                                                                                                                                                                                                          Commandline:
                                                                                                                                                                                                                                                                                                          Imagebase:
                                                                                                                                                                                                                                                                                                          File size:34'816 bytes
                                                                                                                                                                                                                                                                                                          MD5 hash:26854C1F5500455757BC00365CEF9483
                                                                                                                                                                                                                                                                                                          Has elevated privileges:
                                                                                                                                                                                                                                                                                                          Has administrator privileges:
                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                          Reputation:moderate
                                                                                                                                                                                                                                                                                                          Has exited:false

                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                          Target ID:9
                                                                                                                                                                                                                                                                                                          Start time:07:13:20
                                                                                                                                                                                                                                                                                                          Start date:22/11/2024
                                                                                                                                                                                                                                                                                                          Path:C:\Windows\System32\taskkill.exe
                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                          Commandline:taskkill /F /IM chrome.exe
                                                                                                                                                                                                                                                                                                          Imagebase:0x7ff7e3420000
                                                                                                                                                                                                                                                                                                          File size:101'376 bytes
                                                                                                                                                                                                                                                                                                          MD5 hash:A599D3B2FAFBDE4C1A6D7D0F839451C7
                                                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                          Reputation:moderate
                                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                          Target ID:10
                                                                                                                                                                                                                                                                                                          Start time:07:13:20
                                                                                                                                                                                                                                                                                                          Start date:22/11/2024
                                                                                                                                                                                                                                                                                                          Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                          Imagebase:0x7ff6d64d0000
                                                                                                                                                                                                                                                                                                          File size:862'208 bytes
                                                                                                                                                                                                                                                                                                          MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                          Reputation:high
                                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                          Target ID:11
                                                                                                                                                                                                                                                                                                          Start time:07:13:20
                                                                                                                                                                                                                                                                                                          Start date:22/11/2024
                                                                                                                                                                                                                                                                                                          Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                          Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9876 --profile-directory=Default --remote-allow-origins=* --window-position=10000,10000 --window-size=1,1 --disable-gpu --no-sandbox
                                                                                                                                                                                                                                                                                                          Imagebase:0x7ff715980000
                                                                                                                                                                                                                                                                                                          File size:3'242'272 bytes
                                                                                                                                                                                                                                                                                                          MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                          Reputation:high
                                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                          Target ID:13
                                                                                                                                                                                                                                                                                                          Start time:07:13:25
                                                                                                                                                                                                                                                                                                          Start date:22/11/2024
                                                                                                                                                                                                                                                                                                          Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                          Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-sandbox --mojo-platform-channel-handle=1988 --field-trial-handle=2004,i,16873657089946729221,16671226783605916720,262144 /prefetch:8
                                                                                                                                                                                                                                                                                                          Imagebase:0x7ff715980000
                                                                                                                                                                                                                                                                                                          File size:3'242'272 bytes
                                                                                                                                                                                                                                                                                                          MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                          Reputation:high
                                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                          Target ID:14
                                                                                                                                                                                                                                                                                                          Start time:07:13:25
                                                                                                                                                                                                                                                                                                          Start date:22/11/2024
                                                                                                                                                                                                                                                                                                          Path:C:\Windows\System32\taskkill.exe
                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                          Commandline:taskkill /F /IM chrome.exe
                                                                                                                                                                                                                                                                                                          Imagebase:0x7ff7e3420000
                                                                                                                                                                                                                                                                                                          File size:101'376 bytes
                                                                                                                                                                                                                                                                                                          MD5 hash:A599D3B2FAFBDE4C1A6D7D0F839451C7
                                                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                          Target ID:15
                                                                                                                                                                                                                                                                                                          Start time:07:13:25
                                                                                                                                                                                                                                                                                                          Start date:22/11/2024
                                                                                                                                                                                                                                                                                                          Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                          Imagebase:0x7ff6d64d0000
                                                                                                                                                                                                                                                                                                          File size:862'208 bytes
                                                                                                                                                                                                                                                                                                          MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                          Target ID:16
                                                                                                                                                                                                                                                                                                          Start time:07:13:26
                                                                                                                                                                                                                                                                                                          Start date:22/11/2024
                                                                                                                                                                                                                                                                                                          Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                          Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9876 --profile-directory=Default --remote-allow-origins=* --window-position=10000,10000 --window-size=1,1 --disable-gpu --no-sandbox
                                                                                                                                                                                                                                                                                                          Imagebase:0x7ff715980000
                                                                                                                                                                                                                                                                                                          File size:3'242'272 bytes
                                                                                                                                                                                                                                                                                                          MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                          Target ID:17
                                                                                                                                                                                                                                                                                                          Start time:07:13:28
                                                                                                                                                                                                                                                                                                          Start date:22/11/2024
                                                                                                                                                                                                                                                                                                          Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                          Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-sandbox --mojo-platform-channel-handle=2016 --field-trial-handle=1996,i,2032109330353751590,13028974580121269176,262144 /prefetch:8
                                                                                                                                                                                                                                                                                                          Imagebase:0x7ff715980000
                                                                                                                                                                                                                                                                                                          File size:3'242'272 bytes
                                                                                                                                                                                                                                                                                                          MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                          Target ID:18
                                                                                                                                                                                                                                                                                                          Start time:07:13:31
                                                                                                                                                                                                                                                                                                          Start date:22/11/2024
                                                                                                                                                                                                                                                                                                          Path:C:\Windows\System32\taskkill.exe
                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                          Commandline:taskkill /F /IM chrome.exe
                                                                                                                                                                                                                                                                                                          Imagebase:0x7ff7e3420000
                                                                                                                                                                                                                                                                                                          File size:101'376 bytes
                                                                                                                                                                                                                                                                                                          MD5 hash:A599D3B2FAFBDE4C1A6D7D0F839451C7
                                                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                          Target ID:19
                                                                                                                                                                                                                                                                                                          Start time:07:13:31
                                                                                                                                                                                                                                                                                                          Start date:22/11/2024
                                                                                                                                                                                                                                                                                                          Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                          Imagebase:0x7ff6d64d0000
                                                                                                                                                                                                                                                                                                          File size:862'208 bytes
                                                                                                                                                                                                                                                                                                          MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                          Target ID:20
                                                                                                                                                                                                                                                                                                          Start time:07:13:32
                                                                                                                                                                                                                                                                                                          Start date:22/11/2024
                                                                                                                                                                                                                                                                                                          Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                          Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9876 --profile-directory=Default --remote-allow-origins=* --window-position=10000,10000 --window-size=1,1 --disable-gpu --no-sandbox
                                                                                                                                                                                                                                                                                                          Imagebase:0x7ff715980000
                                                                                                                                                                                                                                                                                                          File size:3'242'272 bytes
                                                                                                                                                                                                                                                                                                          MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                          Target ID:21
                                                                                                                                                                                                                                                                                                          Start time:07:13:33
                                                                                                                                                                                                                                                                                                          Start date:22/11/2024
                                                                                                                                                                                                                                                                                                          Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                          Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-sandbox --mojo-platform-channel-handle=1872 --field-trial-handle=1980,i,7019123131012893565,15323579879947470228,262144 /prefetch:8
                                                                                                                                                                                                                                                                                                          Imagebase:0x7ff715980000
                                                                                                                                                                                                                                                                                                          File size:3'242'272 bytes
                                                                                                                                                                                                                                                                                                          MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                          Target ID:22
                                                                                                                                                                                                                                                                                                          Start time:07:13:36
                                                                                                                                                                                                                                                                                                          Start date:22/11/2024
                                                                                                                                                                                                                                                                                                          Path:C:\Windows\System32\taskkill.exe
                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                          Commandline:taskkill /F /IM msedge.exe
                                                                                                                                                                                                                                                                                                          Imagebase:0x7ff7e3420000
                                                                                                                                                                                                                                                                                                          File size:101'376 bytes
                                                                                                                                                                                                                                                                                                          MD5 hash:A599D3B2FAFBDE4C1A6D7D0F839451C7
                                                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                          Target ID:23
                                                                                                                                                                                                                                                                                                          Start time:07:13:36
                                                                                                                                                                                                                                                                                                          Start date:22/11/2024
                                                                                                                                                                                                                                                                                                          Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                          Imagebase:0x7ff6d64d0000
                                                                                                                                                                                                                                                                                                          File size:862'208 bytes
                                                                                                                                                                                                                                                                                                          MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                          Target ID:24
                                                                                                                                                                                                                                                                                                          Start time:07:13:37
                                                                                                                                                                                                                                                                                                          Start date:22/11/2024
                                                                                                                                                                                                                                                                                                          Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                          Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9876 --profile-directory=Default --remote-allow-origins=* --window-position=10000,10000 --window-size=1,1 --disable-gpu --no-sandbox
                                                                                                                                                                                                                                                                                                          Imagebase:0x7ff6c1cf0000
                                                                                                                                                                                                                                                                                                          File size:4'210'216 bytes
                                                                                                                                                                                                                                                                                                          MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                          Target ID:25
                                                                                                                                                                                                                                                                                                          Start time:07:13:38
                                                                                                                                                                                                                                                                                                          Start date:22/11/2024
                                                                                                                                                                                                                                                                                                          Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                          Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --no-sandbox --mojo-platform-channel-handle=2104 --field-trial-handle=2072,i,14760293394605899277,10581962885320868667,262144 /prefetch:3
                                                                                                                                                                                                                                                                                                          Imagebase:0x7ff6c1cf0000
                                                                                                                                                                                                                                                                                                          File size:4'210'216 bytes
                                                                                                                                                                                                                                                                                                          MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                          Target ID:26
                                                                                                                                                                                                                                                                                                          Start time:07:13:38
                                                                                                                                                                                                                                                                                                          Start date:22/11/2024
                                                                                                                                                                                                                                                                                                          Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                          Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9876 --profile-directory=Default --remote-allow-origins=* --window-position=10000,10000 --window-size=1,1 --disable-gpu --no-sandbox --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate
                                                                                                                                                                                                                                                                                                          Imagebase:0x7ff6c1cf0000
                                                                                                                                                                                                                                                                                                          File size:4'210'216 bytes
                                                                                                                                                                                                                                                                                                          MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                                                                                                                                                                                                          Has elevated privileges:false
                                                                                                                                                                                                                                                                                                          Has administrator privileges:false
                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                          Target ID:27
                                                                                                                                                                                                                                                                                                          Start time:07:13:39
                                                                                                                                                                                                                                                                                                          Start date:22/11/2024
                                                                                                                                                                                                                                                                                                          Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                          Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --no-sandbox --mojo-platform-channel-handle=2016 --field-trial-handle=1972,i,726754713040708390,11510396830708599302,262144 /prefetch:3
                                                                                                                                                                                                                                                                                                          Imagebase:0x7ff6c1cf0000
                                                                                                                                                                                                                                                                                                          File size:4'210'216 bytes
                                                                                                                                                                                                                                                                                                          MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                                                                                                                                                                                                          Has elevated privileges:false
                                                                                                                                                                                                                                                                                                          Has administrator privileges:false
                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                          Target ID:32
                                                                                                                                                                                                                                                                                                          Start time:07:13:46
                                                                                                                                                                                                                                                                                                          Start date:22/11/2024
                                                                                                                                                                                                                                                                                                          Path:C:\Windows\System32\taskkill.exe
                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                          Commandline:taskkill /F /IM msedge.exe
                                                                                                                                                                                                                                                                                                          Imagebase:0x7ff7e3420000
                                                                                                                                                                                                                                                                                                          File size:101'376 bytes
                                                                                                                                                                                                                                                                                                          MD5 hash:A599D3B2FAFBDE4C1A6D7D0F839451C7
                                                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                          Target ID:33
                                                                                                                                                                                                                                                                                                          Start time:07:13:46
                                                                                                                                                                                                                                                                                                          Start date:22/11/2024
                                                                                                                                                                                                                                                                                                          Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                          Imagebase:0x7ff6d64d0000
                                                                                                                                                                                                                                                                                                          File size:862'208 bytes
                                                                                                                                                                                                                                                                                                          MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                          Target ID:34
                                                                                                                                                                                                                                                                                                          Start time:07:13:47
                                                                                                                                                                                                                                                                                                          Start date:22/11/2024
                                                                                                                                                                                                                                                                                                          Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                          Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9876 --profile-directory=Default --remote-allow-origins=* --window-position=10000,10000 --window-size=1,1 --disable-gpu --no-sandbox
                                                                                                                                                                                                                                                                                                          Imagebase:0x7ff6c1cf0000
                                                                                                                                                                                                                                                                                                          File size:4'210'216 bytes
                                                                                                                                                                                                                                                                                                          MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                          Target ID:35
                                                                                                                                                                                                                                                                                                          Start time:07:13:47
                                                                                                                                                                                                                                                                                                          Start date:22/11/2024
                                                                                                                                                                                                                                                                                                          Path:C:\Windows\System32\taskkill.exe
                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                          Commandline:taskkill /F /IM msedge.exe
                                                                                                                                                                                                                                                                                                          Imagebase:0x7ff7e3420000
                                                                                                                                                                                                                                                                                                          File size:101'376 bytes
                                                                                                                                                                                                                                                                                                          MD5 hash:A599D3B2FAFBDE4C1A6D7D0F839451C7
                                                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                          Target ID:36
                                                                                                                                                                                                                                                                                                          Start time:07:13:47
                                                                                                                                                                                                                                                                                                          Start date:22/11/2024
                                                                                                                                                                                                                                                                                                          Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                          Imagebase:0x7ff6d64d0000
                                                                                                                                                                                                                                                                                                          File size:862'208 bytes
                                                                                                                                                                                                                                                                                                          MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                          Target ID:37
                                                                                                                                                                                                                                                                                                          Start time:07:13:47
                                                                                                                                                                                                                                                                                                          Start date:22/11/2024
                                                                                                                                                                                                                                                                                                          Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                          Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9876 --profile-directory=Default --remote-allow-origins=* --window-position=10000,10000 --window-size=1,1 --disable-gpu --no-sandbox
                                                                                                                                                                                                                                                                                                          Imagebase:0x7ff6c1cf0000
                                                                                                                                                                                                                                                                                                          File size:4'210'216 bytes
                                                                                                                                                                                                                                                                                                          MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                          Target ID:38
                                                                                                                                                                                                                                                                                                          Start time:07:13:49
                                                                                                                                                                                                                                                                                                          Start date:22/11/2024
                                                                                                                                                                                                                                                                                                          Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                          Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --no-sandbox --mojo-platform-channel-handle=2108 --field-trial-handle=2064,i,17575325319365732122,6172249017616596838,262144 /prefetch:3
                                                                                                                                                                                                                                                                                                          Imagebase:0x7ff6c1cf0000
                                                                                                                                                                                                                                                                                                          File size:4'210'216 bytes
                                                                                                                                                                                                                                                                                                          MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                          Target ID:39
                                                                                                                                                                                                                                                                                                          Start time:07:13:49
                                                                                                                                                                                                                                                                                                          Start date:22/11/2024
                                                                                                                                                                                                                                                                                                          Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                          Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9876 --profile-directory=Default --remote-allow-origins=* --window-position=10000,10000 --window-size=1,1 --disable-gpu --no-sandbox --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate
                                                                                                                                                                                                                                                                                                          Imagebase:0x7ff6c1cf0000
                                                                                                                                                                                                                                                                                                          File size:4'210'216 bytes
                                                                                                                                                                                                                                                                                                          MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                                                                                                                                                                                                          Has elevated privileges:false
                                                                                                                                                                                                                                                                                                          Has administrator privileges:false
                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                          Target ID:40
                                                                                                                                                                                                                                                                                                          Start time:07:13:50
                                                                                                                                                                                                                                                                                                          Start date:22/11/2024
                                                                                                                                                                                                                                                                                                          Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                          Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --no-sandbox --mojo-platform-channel-handle=2080 --field-trial-handle=2020,i,11210025246069236568,6039799949721482261,262144 /prefetch:3
                                                                                                                                                                                                                                                                                                          Imagebase:0x7ff6c1cf0000
                                                                                                                                                                                                                                                                                                          File size:4'210'216 bytes
                                                                                                                                                                                                                                                                                                          MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                                                                                                                                                                                                          Has elevated privileges:false
                                                                                                                                                                                                                                                                                                          Has administrator privileges:false
                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                          Target ID:41
                                                                                                                                                                                                                                                                                                          Start time:07:13:52
                                                                                                                                                                                                                                                                                                          Start date:22/11/2024
                                                                                                                                                                                                                                                                                                          Path:C:\Windows\System32\taskkill.exe
                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                          Commandline:taskkill /F /IM msedge.exe
                                                                                                                                                                                                                                                                                                          Imagebase:0x7ff7e3420000
                                                                                                                                                                                                                                                                                                          File size:101'376 bytes
                                                                                                                                                                                                                                                                                                          MD5 hash:A599D3B2FAFBDE4C1A6D7D0F839451C7
                                                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                          Target ID:42
                                                                                                                                                                                                                                                                                                          Start time:07:13:52
                                                                                                                                                                                                                                                                                                          Start date:22/11/2024
                                                                                                                                                                                                                                                                                                          Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                          Imagebase:0x7ff6d64d0000
                                                                                                                                                                                                                                                                                                          File size:862'208 bytes
                                                                                                                                                                                                                                                                                                          MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                          Target ID:43
                                                                                                                                                                                                                                                                                                          Start time:07:13:52
                                                                                                                                                                                                                                                                                                          Start date:22/11/2024
                                                                                                                                                                                                                                                                                                          Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                          Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9876 --profile-directory=Default --remote-allow-origins=* --window-position=10000,10000 --window-size=1,1 --disable-gpu --no-sandbox
                                                                                                                                                                                                                                                                                                          Imagebase:0x7ff6c1cf0000
                                                                                                                                                                                                                                                                                                          File size:4'210'216 bytes
                                                                                                                                                                                                                                                                                                          MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                          Target ID:44
                                                                                                                                                                                                                                                                                                          Start time:07:13:54
                                                                                                                                                                                                                                                                                                          Start date:22/11/2024
                                                                                                                                                                                                                                                                                                          Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                          Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --no-sandbox --mojo-platform-channel-handle=2112 --field-trial-handle=2060,i,1519810673855940657,8127465609125034474,262144 /prefetch:3
                                                                                                                                                                                                                                                                                                          Imagebase:0x7ff6c1cf0000
                                                                                                                                                                                                                                                                                                          File size:4'210'216 bytes
                                                                                                                                                                                                                                                                                                          MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                          Target ID:45
                                                                                                                                                                                                                                                                                                          Start time:07:13:54
                                                                                                                                                                                                                                                                                                          Start date:22/11/2024
                                                                                                                                                                                                                                                                                                          Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                          Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9876 --profile-directory=Default --remote-allow-origins=* --window-position=10000,10000 --window-size=1,1 --disable-gpu --no-sandbox --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate
                                                                                                                                                                                                                                                                                                          Imagebase:0x7ff6c1cf0000
                                                                                                                                                                                                                                                                                                          File size:4'210'216 bytes
                                                                                                                                                                                                                                                                                                          MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                                                                                                                                                                                                          Has elevated privileges:false
                                                                                                                                                                                                                                                                                                          Has administrator privileges:false
                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                          Target ID:46
                                                                                                                                                                                                                                                                                                          Start time:07:13:54
                                                                                                                                                                                                                                                                                                          Start date:22/11/2024
                                                                                                                                                                                                                                                                                                          Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                          Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --no-sandbox --mojo-platform-channel-handle=2080 --field-trial-handle=2064,i,12556399923150263826,2501368566727980130,262144 /prefetch:3
                                                                                                                                                                                                                                                                                                          Imagebase:0x7ff6c1cf0000
                                                                                                                                                                                                                                                                                                          File size:4'210'216 bytes
                                                                                                                                                                                                                                                                                                          MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                                                                                                                                                                                                          Has elevated privileges:false
                                                                                                                                                                                                                                                                                                          Has administrator privileges:false
                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                          Target ID:47
                                                                                                                                                                                                                                                                                                          Start time:07:13:56
                                                                                                                                                                                                                                                                                                          Start date:22/11/2024
                                                                                                                                                                                                                                                                                                          Path:C:\Windows\System32\taskkill.exe
                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                          Commandline:taskkill /F /IM msedge.exe
                                                                                                                                                                                                                                                                                                          Imagebase:0x7ff7e3420000
                                                                                                                                                                                                                                                                                                          File size:101'376 bytes
                                                                                                                                                                                                                                                                                                          MD5 hash:A599D3B2FAFBDE4C1A6D7D0F839451C7
                                                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                          Target ID:48
                                                                                                                                                                                                                                                                                                          Start time:07:13:56
                                                                                                                                                                                                                                                                                                          Start date:22/11/2024
                                                                                                                                                                                                                                                                                                          Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                          Imagebase:0x7ff6d64d0000
                                                                                                                                                                                                                                                                                                          File size:862'208 bytes
                                                                                                                                                                                                                                                                                                          MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                          Target ID:49
                                                                                                                                                                                                                                                                                                          Start time:07:13:57
                                                                                                                                                                                                                                                                                                          Start date:22/11/2024
                                                                                                                                                                                                                                                                                                          Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                          Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9876 --profile-directory=Default --remote-allow-origins=* --window-position=10000,10000 --window-size=1,1 --disable-gpu --no-sandbox
                                                                                                                                                                                                                                                                                                          Imagebase:0x7ff6c1cf0000
                                                                                                                                                                                                                                                                                                          File size:4'210'216 bytes
                                                                                                                                                                                                                                                                                                          MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                          Target ID:50
                                                                                                                                                                                                                                                                                                          Start time:07:13:58
                                                                                                                                                                                                                                                                                                          Start date:22/11/2024
                                                                                                                                                                                                                                                                                                          Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                          Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --no-sandbox --mojo-platform-channel-handle=2112 --field-trial-handle=2000,i,4569417142642358918,1547684186526237323,262144 /prefetch:3
                                                                                                                                                                                                                                                                                                          Imagebase:0x7ff6c1cf0000
                                                                                                                                                                                                                                                                                                          File size:4'210'216 bytes
                                                                                                                                                                                                                                                                                                          MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                          Target ID:51
                                                                                                                                                                                                                                                                                                          Start time:07:13:58
                                                                                                                                                                                                                                                                                                          Start date:22/11/2024
                                                                                                                                                                                                                                                                                                          Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                          Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9876 --profile-directory=Default --remote-allow-origins=* --window-position=10000,10000 --window-size=1,1 --disable-gpu --no-sandbox --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate
                                                                                                                                                                                                                                                                                                          Imagebase:0x7ff6c1cf0000
                                                                                                                                                                                                                                                                                                          File size:4'210'216 bytes
                                                                                                                                                                                                                                                                                                          MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                                                                                                                                                                                                          Has elevated privileges:false
                                                                                                                                                                                                                                                                                                          Has administrator privileges:false
                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                          Target ID:52
                                                                                                                                                                                                                                                                                                          Start time:07:13:59
                                                                                                                                                                                                                                                                                                          Start date:22/11/2024
                                                                                                                                                                                                                                                                                                          Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                          Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --no-sandbox --mojo-platform-channel-handle=2072 --field-trial-handle=2036,i,1611766081639755236,2586004836248563306,262144 /prefetch:3
                                                                                                                                                                                                                                                                                                          Imagebase:0x7ff6c1cf0000
                                                                                                                                                                                                                                                                                                          File size:4'210'216 bytes
                                                                                                                                                                                                                                                                                                          MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                                                                                                                                                                                                          Has elevated privileges:false
                                                                                                                                                                                                                                                                                                          Has administrator privileges:false
                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                          Target ID:53
                                                                                                                                                                                                                                                                                                          Start time:07:14:01
                                                                                                                                                                                                                                                                                                          Start date:22/11/2024
                                                                                                                                                                                                                                                                                                          Path:C:\Windows\System32\taskkill.exe
                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                          Commandline:taskkill /F /IM msedge.exe
                                                                                                                                                                                                                                                                                                          Imagebase:0x7ff7e3420000
                                                                                                                                                                                                                                                                                                          File size:101'376 bytes
                                                                                                                                                                                                                                                                                                          MD5 hash:A599D3B2FAFBDE4C1A6D7D0F839451C7
                                                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                          Target ID:54
                                                                                                                                                                                                                                                                                                          Start time:07:14:02
                                                                                                                                                                                                                                                                                                          Start date:22/11/2024
                                                                                                                                                                                                                                                                                                          Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                          Imagebase:0x7ff6d64d0000
                                                                                                                                                                                                                                                                                                          File size:862'208 bytes
                                                                                                                                                                                                                                                                                                          MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                          Target ID:55
                                                                                                                                                                                                                                                                                                          Start time:07:14:04
                                                                                                                                                                                                                                                                                                          Start date:22/11/2024
                                                                                                                                                                                                                                                                                                          Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                          Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9876 --profile-directory=Default --remote-allow-origins=* --window-position=10000,10000 --window-size=1,1 --disable-gpu --no-sandbox
                                                                                                                                                                                                                                                                                                          Imagebase:0x7ff6c1cf0000
                                                                                                                                                                                                                                                                                                          File size:4'210'216 bytes
                                                                                                                                                                                                                                                                                                          MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                          Target ID:56
                                                                                                                                                                                                                                                                                                          Start time:07:14:05
                                                                                                                                                                                                                                                                                                          Start date:22/11/2024
                                                                                                                                                                                                                                                                                                          Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                          Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --no-sandbox --mojo-platform-channel-handle=2092 --field-trial-handle=1920,i,13001128338599722861,135731140457965479,262144 /prefetch:3
                                                                                                                                                                                                                                                                                                          Imagebase:0x7ff6c1cf0000
                                                                                                                                                                                                                                                                                                          File size:4'210'216 bytes
                                                                                                                                                                                                                                                                                                          MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                          Target ID:57
                                                                                                                                                                                                                                                                                                          Start time:07:14:05
                                                                                                                                                                                                                                                                                                          Start date:22/11/2024
                                                                                                                                                                                                                                                                                                          Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                          Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9876 --profile-directory=Default --remote-allow-origins=* --window-position=10000,10000 --window-size=1,1 --disable-gpu --no-sandbox --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate
                                                                                                                                                                                                                                                                                                          Imagebase:0x7ff6c1cf0000
                                                                                                                                                                                                                                                                                                          File size:4'210'216 bytes
                                                                                                                                                                                                                                                                                                          MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                                                                                                                                                                                                          Has elevated privileges:false
                                                                                                                                                                                                                                                                                                          Has administrator privileges:false
                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                          Has exited:false

                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                          Target ID:58
                                                                                                                                                                                                                                                                                                          Start time:07:14:06
                                                                                                                                                                                                                                                                                                          Start date:22/11/2024
                                                                                                                                                                                                                                                                                                          Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                          Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --no-sandbox --mojo-platform-channel-handle=2044 --field-trial-handle=2036,i,1507621865173041619,9867979607064769478,262144 /prefetch:3
                                                                                                                                                                                                                                                                                                          Imagebase:0x7ff6c1cf0000
                                                                                                                                                                                                                                                                                                          File size:4'210'216 bytes
                                                                                                                                                                                                                                                                                                          MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                                                                                                                                                                                                          Has elevated privileges:false
                                                                                                                                                                                                                                                                                                          Has administrator privileges:false
                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                          Has exited:false

                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                          Target ID:59
                                                                                                                                                                                                                                                                                                          Start time:07:14:13
                                                                                                                                                                                                                                                                                                          Start date:22/11/2024
                                                                                                                                                                                                                                                                                                          Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                          Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --no-sandbox --mojo-platform-channel-handle=5132 --field-trial-handle=2036,i,1507621865173041619,9867979607064769478,262144 /prefetch:8
                                                                                                                                                                                                                                                                                                          Imagebase:0x7ff6c1cf0000
                                                                                                                                                                                                                                                                                                          File size:4'210'216 bytes
                                                                                                                                                                                                                                                                                                          MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                                                                                                                                                                                                          Has elevated privileges:false
                                                                                                                                                                                                                                                                                                          Has administrator privileges:false
                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                          Target ID:60
                                                                                                                                                                                                                                                                                                          Start time:07:14:13
                                                                                                                                                                                                                                                                                                          Start date:22/11/2024
                                                                                                                                                                                                                                                                                                          Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                          Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --no-sandbox --onnx-enabled-for-ee --mojo-platform-channel-handle=5192 --field-trial-handle=2036,i,1507621865173041619,9867979607064769478,262144 /prefetch:8
                                                                                                                                                                                                                                                                                                          Imagebase:0x7ff6c1cf0000
                                                                                                                                                                                                                                                                                                          File size:4'210'216 bytes
                                                                                                                                                                                                                                                                                                          MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                                                                                                                                                                                                          Has elevated privileges:false
                                                                                                                                                                                                                                                                                                          Has administrator privileges:false
                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                                          Disassembly

                                                                                                                                                                                                                                                                                                          Reset < >

                                                                                                                                                                                                                                                                                                            Execution Graph

                                                                                                                                                                                                                                                                                                            Execution Coverage:10.3%
                                                                                                                                                                                                                                                                                                            Dynamic/Decrypted Code Coverage:0%
                                                                                                                                                                                                                                                                                                            Signature Coverage:17.1%
                                                                                                                                                                                                                                                                                                            Total number of Nodes:2000
                                                                                                                                                                                                                                                                                                            Total number of Limit Nodes:35
                                                                                                                                                                                                                                                                                                            execution_graph 19820 7ff7a0c4ad69 19823 7ff7a0c35478 LeaveCriticalSection 19820->19823 19578 7ff7a0c4abe3 19579 7ff7a0c4abf3 19578->19579 19582 7ff7a0c35478 LeaveCriticalSection 19579->19582 19529 7ff7a0c39961 19530 7ff7a0c3a3d8 45 API calls 19529->19530 19531 7ff7a0c39966 19530->19531 19532 7ff7a0c399d7 19531->19532 19533 7ff7a0c3998d GetModuleHandleW 19531->19533 19541 7ff7a0c39864 19532->19541 19533->19532 19539 7ff7a0c3999a 19533->19539 19539->19532 19555 7ff7a0c39a88 GetModuleHandleExW 19539->19555 19561 7ff7a0c402d8 EnterCriticalSection 19541->19561 19556 7ff7a0c39abc GetProcAddress 19555->19556 19557 7ff7a0c39ae5 19555->19557 19558 7ff7a0c39ace 19556->19558 19559 7ff7a0c39aea FreeLibrary 19557->19559 19560 7ff7a0c39af1 19557->19560 19558->19557 19559->19560 19560->19532 19572 7ff7a0c2bae0 19573 7ff7a0c2bb0e 19572->19573 19574 7ff7a0c2baf5 19572->19574 19574->19573 19576 7ff7a0c3d5fc 12 API calls 19574->19576 19575 7ff7a0c2bb6e 19576->19575 17036 7ff7a0c3f98c 17037 7ff7a0c3fb7e 17036->17037 17039 7ff7a0c3f9ce _isindst 17036->17039 17038 7ff7a0c34f08 _set_fmode 11 API calls 17037->17038 17056 7ff7a0c3fb6e 17038->17056 17039->17037 17042 7ff7a0c3fa4e _isindst 17039->17042 17040 7ff7a0c2c550 _log10_special 8 API calls 17041 7ff7a0c3fb99 17040->17041 17057 7ff7a0c46194 17042->17057 17047 7ff7a0c3fbaa 17049 7ff7a0c3a900 _isindst 17 API calls 17047->17049 17051 7ff7a0c3fbbe 17049->17051 17054 7ff7a0c3faab 17054->17056 17081 7ff7a0c461d8 17054->17081 17056->17040 17058 7ff7a0c461a3 17057->17058 17061 7ff7a0c3fa6c 17057->17061 17088 7ff7a0c402d8 EnterCriticalSection 17058->17088 17063 7ff7a0c45598 17061->17063 17064 7ff7a0c3fa81 17063->17064 17065 7ff7a0c455a1 17063->17065 17064->17047 17069 7ff7a0c455c8 17064->17069 17066 7ff7a0c34f08 _set_fmode 11 API calls 17065->17066 17067 7ff7a0c455a6 17066->17067 17068 7ff7a0c3a8e0 _invalid_parameter_noinfo 37 API calls 17067->17068 17068->17064 17070 7ff7a0c455d1 17069->17070 17072 7ff7a0c3fa92 17069->17072 17071 7ff7a0c34f08 _set_fmode 11 API calls 17070->17071 17073 7ff7a0c455d6 17071->17073 17072->17047 17075 7ff7a0c455f8 17072->17075 17074 7ff7a0c3a8e0 _invalid_parameter_noinfo 37 API calls 17073->17074 17074->17072 17076 7ff7a0c45601 17075->17076 17080 7ff7a0c3faa3 17075->17080 17077 7ff7a0c34f08 _set_fmode 11 API calls 17076->17077 17078 7ff7a0c45606 17077->17078 17079 7ff7a0c3a8e0 _invalid_parameter_noinfo 37 API calls 17078->17079 17079->17080 17080->17047 17080->17054 17089 7ff7a0c402d8 EnterCriticalSection 17081->17089 19682 7ff7a0c35410 19683 7ff7a0c3541b 19682->19683 19691 7ff7a0c3f2a4 19683->19691 19704 7ff7a0c402d8 EnterCriticalSection 19691->19704 19705 7ff7a0c4adfe 19706 7ff7a0c4ae0d 19705->19706 19707 7ff7a0c4ae17 19705->19707 19709 7ff7a0c40338 LeaveCriticalSection 19706->19709 16826 7ff7a0c35628 16827 7ff7a0c35642 16826->16827 16828 7ff7a0c3565f 16826->16828 16877 7ff7a0c34ee8 16827->16877 16828->16827 16829 7ff7a0c35672 CreateFileW 16828->16829 16831 7ff7a0c356dc 16829->16831 16832 7ff7a0c356a6 16829->16832 16880 7ff7a0c35c04 16831->16880 16851 7ff7a0c3577c GetFileType 16832->16851 16836 7ff7a0c34f08 _set_fmode 11 API calls 16839 7ff7a0c3564f 16836->16839 16844 7ff7a0c3a8e0 _invalid_parameter_noinfo 37 API calls 16839->16844 16840 7ff7a0c356bb CloseHandle 16846 7ff7a0c3565a 16840->16846 16841 7ff7a0c356d1 CloseHandle 16841->16846 16842 7ff7a0c35710 16901 7ff7a0c359c4 16842->16901 16843 7ff7a0c356e5 16847 7ff7a0c34e7c _fread_nolock 11 API calls 16843->16847 16844->16846 16850 7ff7a0c356ef 16847->16850 16850->16846 16852 7ff7a0c357ca 16851->16852 16853 7ff7a0c35887 16851->16853 16854 7ff7a0c357f6 GetFileInformationByHandle 16852->16854 16858 7ff7a0c35b00 21 API calls 16852->16858 16855 7ff7a0c358b1 16853->16855 16856 7ff7a0c3588f 16853->16856 16859 7ff7a0c358a2 GetLastError 16854->16859 16860 7ff7a0c3581f 16854->16860 16857 7ff7a0c358d4 PeekNamedPipe 16855->16857 16876 7ff7a0c35872 16855->16876 16856->16859 16861 7ff7a0c35893 16856->16861 16857->16876 16862 7ff7a0c357e4 16858->16862 16865 7ff7a0c34e7c _fread_nolock 11 API calls 16859->16865 16863 7ff7a0c359c4 51 API calls 16860->16863 16864 7ff7a0c34f08 _set_fmode 11 API calls 16861->16864 16862->16854 16862->16876 16867 7ff7a0c3582a 16863->16867 16864->16876 16865->16876 16866 7ff7a0c2c550 _log10_special 8 API calls 16868 7ff7a0c356b4 16866->16868 16918 7ff7a0c35924 16867->16918 16868->16840 16868->16841 16871 7ff7a0c35924 10 API calls 16872 7ff7a0c35849 16871->16872 16873 7ff7a0c35924 10 API calls 16872->16873 16874 7ff7a0c3585a 16873->16874 16875 7ff7a0c34f08 _set_fmode 11 API calls 16874->16875 16874->16876 16875->16876 16876->16866 16878 7ff7a0c3b2c8 _set_fmode 11 API calls 16877->16878 16879 7ff7a0c34ef1 16878->16879 16879->16836 16881 7ff7a0c35c3a 16880->16881 16882 7ff7a0c34f08 _set_fmode 11 API calls 16881->16882 16900 7ff7a0c35cd2 __std_exception_destroy 16881->16900 16884 7ff7a0c35c4c 16882->16884 16883 7ff7a0c2c550 _log10_special 8 API calls 16885 7ff7a0c356e1 16883->16885 16886 7ff7a0c34f08 _set_fmode 11 API calls 16884->16886 16885->16842 16885->16843 16887 7ff7a0c35c54 16886->16887 16925 7ff7a0c37e08 16887->16925 16889 7ff7a0c35c69 16890 7ff7a0c35c7b 16889->16890 16891 7ff7a0c35c71 16889->16891 16893 7ff7a0c34f08 _set_fmode 11 API calls 16890->16893 16892 7ff7a0c34f08 _set_fmode 11 API calls 16891->16892 16897 7ff7a0c35c76 16892->16897 16894 7ff7a0c35c80 16893->16894 16895 7ff7a0c34f08 _set_fmode 11 API calls 16894->16895 16894->16900 16896 7ff7a0c35c8a 16895->16896 16898 7ff7a0c37e08 45 API calls 16896->16898 16899 7ff7a0c35cc4 GetDriveTypeW 16897->16899 16897->16900 16898->16897 16899->16900 16900->16883 16902 7ff7a0c359ec 16901->16902 16910 7ff7a0c3571d 16902->16910 17019 7ff7a0c3f724 16902->17019 16904 7ff7a0c35a80 16905 7ff7a0c3f724 51 API calls 16904->16905 16904->16910 16906 7ff7a0c35a93 16905->16906 16907 7ff7a0c3f724 51 API calls 16906->16907 16906->16910 16908 7ff7a0c35aa6 16907->16908 16909 7ff7a0c3f724 51 API calls 16908->16909 16908->16910 16909->16910 16911 7ff7a0c35b00 16910->16911 16912 7ff7a0c35b1a 16911->16912 16913 7ff7a0c35b51 16912->16913 16915 7ff7a0c35b2a 16912->16915 16914 7ff7a0c3f5b8 21 API calls 16913->16914 16917 7ff7a0c35b3a 16914->16917 16916 7ff7a0c34e7c _fread_nolock 11 API calls 16915->16916 16915->16917 16916->16917 16917->16850 16919 7ff7a0c3594d FileTimeToSystemTime 16918->16919 16920 7ff7a0c35940 16918->16920 16921 7ff7a0c35961 SystemTimeToTzSpecificLocalTime 16919->16921 16922 7ff7a0c35948 16919->16922 16920->16919 16920->16922 16921->16922 16923 7ff7a0c2c550 _log10_special 8 API calls 16922->16923 16924 7ff7a0c35839 16923->16924 16924->16871 16926 7ff7a0c37e92 16925->16926 16927 7ff7a0c37e24 16925->16927 16962 7ff7a0c407c0 16926->16962 16927->16926 16929 7ff7a0c37e29 16927->16929 16930 7ff7a0c37e5e 16929->16930 16931 7ff7a0c37e41 16929->16931 16945 7ff7a0c37c4c GetFullPathNameW 16930->16945 16937 7ff7a0c37bd8 GetFullPathNameW 16931->16937 16936 7ff7a0c37e56 __std_exception_destroy 16936->16889 16938 7ff7a0c37bfe GetLastError 16937->16938 16940 7ff7a0c37c14 16937->16940 16939 7ff7a0c34e7c _fread_nolock 11 API calls 16938->16939 16942 7ff7a0c37c0b 16939->16942 16941 7ff7a0c37c10 16940->16941 16943 7ff7a0c34f08 _set_fmode 11 API calls 16940->16943 16941->16936 16944 7ff7a0c34f08 _set_fmode 11 API calls 16942->16944 16943->16941 16944->16941 16946 7ff7a0c37c7f GetLastError 16945->16946 16949 7ff7a0c37c95 __std_exception_destroy 16945->16949 16947 7ff7a0c34e7c _fread_nolock 11 API calls 16946->16947 16948 7ff7a0c37c8c 16947->16948 16950 7ff7a0c34f08 _set_fmode 11 API calls 16948->16950 16951 7ff7a0c37c91 16949->16951 16952 7ff7a0c37cef GetFullPathNameW 16949->16952 16950->16951 16953 7ff7a0c37d24 16951->16953 16952->16946 16952->16951 16957 7ff7a0c37d98 memcpy_s 16953->16957 16958 7ff7a0c37d4d __scrt_get_show_window_mode 16953->16958 16954 7ff7a0c37d81 16955 7ff7a0c34f08 _set_fmode 11 API calls 16954->16955 16956 7ff7a0c37d86 16955->16956 16960 7ff7a0c3a8e0 _invalid_parameter_noinfo 37 API calls 16956->16960 16957->16936 16958->16954 16958->16957 16959 7ff7a0c37dba 16958->16959 16959->16957 16961 7ff7a0c34f08 _set_fmode 11 API calls 16959->16961 16960->16957 16961->16956 16965 7ff7a0c405d0 16962->16965 16966 7ff7a0c405fb 16965->16966 16967 7ff7a0c40612 16965->16967 16968 7ff7a0c34f08 _set_fmode 11 API calls 16966->16968 16969 7ff7a0c40637 16967->16969 16970 7ff7a0c40616 16967->16970 16972 7ff7a0c40600 16968->16972 17003 7ff7a0c3f5b8 16969->17003 16991 7ff7a0c4073c 16970->16991 16976 7ff7a0c3a8e0 _invalid_parameter_noinfo 37 API calls 16972->16976 16974 7ff7a0c4063c 16979 7ff7a0c406e1 16974->16979 16980 7ff7a0c40663 16974->16980 16990 7ff7a0c4060b __std_exception_destroy 16976->16990 16977 7ff7a0c4061f 16978 7ff7a0c34ee8 _fread_nolock 11 API calls 16977->16978 16981 7ff7a0c40624 16978->16981 16979->16966 16982 7ff7a0c406e9 16979->16982 16987 7ff7a0c37c4c 14 API calls 16980->16987 16984 7ff7a0c34f08 _set_fmode 11 API calls 16981->16984 16985 7ff7a0c37bd8 13 API calls 16982->16985 16983 7ff7a0c2c550 _log10_special 8 API calls 16986 7ff7a0c40731 16983->16986 16984->16972 16985->16990 16986->16936 16988 7ff7a0c406a7 16987->16988 16989 7ff7a0c37d24 37 API calls 16988->16989 16988->16990 16989->16990 16990->16983 16992 7ff7a0c40786 16991->16992 16993 7ff7a0c40756 16991->16993 16994 7ff7a0c40791 GetDriveTypeW 16992->16994 16996 7ff7a0c40771 16992->16996 16995 7ff7a0c34ee8 _fread_nolock 11 API calls 16993->16995 16994->16996 16997 7ff7a0c4075b 16995->16997 16999 7ff7a0c2c550 _log10_special 8 API calls 16996->16999 16998 7ff7a0c34f08 _set_fmode 11 API calls 16997->16998 17001 7ff7a0c40766 16998->17001 17000 7ff7a0c4061b 16999->17000 17000->16974 17000->16977 17002 7ff7a0c3a8e0 _invalid_parameter_noinfo 37 API calls 17001->17002 17002->16996 17017 7ff7a0c4a4d0 17003->17017 17005 7ff7a0c3f5ee GetCurrentDirectoryW 17006 7ff7a0c3f62c 17005->17006 17007 7ff7a0c3f605 17005->17007 17008 7ff7a0c3eb98 _set_fmode 11 API calls 17006->17008 17009 7ff7a0c2c550 _log10_special 8 API calls 17007->17009 17010 7ff7a0c3f63b 17008->17010 17011 7ff7a0c3f699 17009->17011 17012 7ff7a0c3f645 GetCurrentDirectoryW 17010->17012 17013 7ff7a0c3f654 17010->17013 17011->16974 17012->17013 17015 7ff7a0c3f659 17012->17015 17014 7ff7a0c34f08 _set_fmode 11 API calls 17013->17014 17014->17015 17016 7ff7a0c3a948 __free_lconv_num 11 API calls 17015->17016 17016->17007 17018 7ff7a0c4a4c0 17017->17018 17018->17005 17018->17018 17020 7ff7a0c3f755 17019->17020 17021 7ff7a0c3f731 17019->17021 17024 7ff7a0c3f78f 17020->17024 17025 7ff7a0c3f7ae 17020->17025 17021->17020 17022 7ff7a0c3f736 17021->17022 17023 7ff7a0c34f08 _set_fmode 11 API calls 17022->17023 17026 7ff7a0c3f73b 17023->17026 17027 7ff7a0c34f08 _set_fmode 11 API calls 17024->17027 17028 7ff7a0c34f4c 45 API calls 17025->17028 17029 7ff7a0c3a8e0 _invalid_parameter_noinfo 37 API calls 17026->17029 17030 7ff7a0c3f794 17027->17030 17034 7ff7a0c3f7bb 17028->17034 17031 7ff7a0c3f746 17029->17031 17032 7ff7a0c3a8e0 _invalid_parameter_noinfo 37 API calls 17030->17032 17031->16904 17033 7ff7a0c3f79f 17032->17033 17033->16904 17034->17033 17035 7ff7a0c404dc 51 API calls 17034->17035 17035->17034 20098 7ff7a0c416b0 20109 7ff7a0c473e4 20098->20109 20110 7ff7a0c473f1 20109->20110 20111 7ff7a0c3a948 __free_lconv_num 11 API calls 20110->20111 20112 7ff7a0c4740d 20110->20112 20111->20110 20113 7ff7a0c3a948 __free_lconv_num 11 API calls 20112->20113 20114 7ff7a0c416b9 20112->20114 20113->20112 20115 7ff7a0c402d8 EnterCriticalSection 20114->20115 19879 7ff7a0c3c520 19890 7ff7a0c402d8 EnterCriticalSection 19879->19890 16014 7ff7a0c408c8 16015 7ff7a0c408ec 16014->16015 16018 7ff7a0c408fc 16014->16018 16165 7ff7a0c34f08 16015->16165 16017 7ff7a0c40bdc 16020 7ff7a0c34f08 _set_fmode 11 API calls 16017->16020 16018->16017 16019 7ff7a0c4091e 16018->16019 16021 7ff7a0c4093f 16019->16021 16168 7ff7a0c40f84 16019->16168 16022 7ff7a0c40be1 16020->16022 16025 7ff7a0c409b1 16021->16025 16027 7ff7a0c40965 16021->16027 16032 7ff7a0c409a5 16021->16032 16024 7ff7a0c3a948 __free_lconv_num 11 API calls 16022->16024 16036 7ff7a0c408f1 16024->16036 16029 7ff7a0c3eb98 _set_fmode 11 API calls 16025->16029 16046 7ff7a0c40974 16025->16046 16026 7ff7a0c40a5e 16035 7ff7a0c40a7b 16026->16035 16043 7ff7a0c40acd 16026->16043 16183 7ff7a0c396c0 16027->16183 16033 7ff7a0c409c7 16029->16033 16032->16026 16032->16046 16195 7ff7a0c4712c 16032->16195 16037 7ff7a0c3a948 __free_lconv_num 11 API calls 16033->16037 16040 7ff7a0c3a948 __free_lconv_num 11 API calls 16035->16040 16041 7ff7a0c409d5 16037->16041 16038 7ff7a0c4098d 16038->16032 16045 7ff7a0c40f84 45 API calls 16038->16045 16039 7ff7a0c4096f 16042 7ff7a0c34f08 _set_fmode 11 API calls 16039->16042 16044 7ff7a0c40a84 16040->16044 16041->16032 16041->16046 16049 7ff7a0c3eb98 _set_fmode 11 API calls 16041->16049 16042->16046 16043->16046 16047 7ff7a0c433dc 40 API calls 16043->16047 16055 7ff7a0c40a89 16044->16055 16231 7ff7a0c433dc 16044->16231 16045->16032 16189 7ff7a0c3a948 16046->16189 16048 7ff7a0c40b0a 16047->16048 16050 7ff7a0c3a948 __free_lconv_num 11 API calls 16048->16050 16052 7ff7a0c409f7 16049->16052 16054 7ff7a0c40b14 16050->16054 16053 7ff7a0c3a948 __free_lconv_num 11 API calls 16052->16053 16053->16032 16054->16046 16054->16055 16056 7ff7a0c40bd0 16055->16056 16145 7ff7a0c3eb98 16055->16145 16058 7ff7a0c3a948 __free_lconv_num 11 API calls 16056->16058 16057 7ff7a0c40ab5 16059 7ff7a0c3a948 __free_lconv_num 11 API calls 16057->16059 16058->16036 16059->16055 16062 7ff7a0c40b69 16152 7ff7a0c3a4a4 16062->16152 16063 7ff7a0c40b60 16065 7ff7a0c3a948 __free_lconv_num 11 API calls 16063->16065 16087 7ff7a0c40b67 16065->16087 16067 7ff7a0c40c0b 16161 7ff7a0c3a900 IsProcessorFeaturePresent 16067->16161 16068 7ff7a0c40b80 16240 7ff7a0c47244 16068->16240 16071 7ff7a0c3a948 __free_lconv_num 11 API calls 16071->16036 16074 7ff7a0c40bc8 16080 7ff7a0c3a948 __free_lconv_num 11 API calls 16074->16080 16075 7ff7a0c40ba7 16078 7ff7a0c34f08 _set_fmode 11 API calls 16075->16078 16081 7ff7a0c40bac 16078->16081 16080->16056 16083 7ff7a0c3a948 __free_lconv_num 11 API calls 16081->16083 16083->16087 16087->16071 16151 7ff7a0c3eba9 _set_fmode 16145->16151 16146 7ff7a0c3ebfa 16148 7ff7a0c34f08 _set_fmode 10 API calls 16146->16148 16147 7ff7a0c3ebde HeapAlloc 16149 7ff7a0c3ebf8 16147->16149 16147->16151 16148->16149 16149->16062 16149->16063 16151->16146 16151->16147 16259 7ff7a0c43590 16151->16259 16153 7ff7a0c3a4bb 16152->16153 16154 7ff7a0c3a4b1 16152->16154 16155 7ff7a0c34f08 _set_fmode 11 API calls 16153->16155 16154->16153 16156 7ff7a0c3a4d6 16154->16156 16160 7ff7a0c3a4c2 16155->16160 16158 7ff7a0c3a4ce 16156->16158 16159 7ff7a0c34f08 _set_fmode 11 API calls 16156->16159 16158->16067 16158->16068 16159->16160 16268 7ff7a0c3a8e0 16160->16268 16162 7ff7a0c3a913 16161->16162 16330 7ff7a0c3a614 16162->16330 16352 7ff7a0c3b2c8 GetLastError 16165->16352 16167 7ff7a0c34f11 16167->16036 16169 7ff7a0c40fb9 16168->16169 16176 7ff7a0c40fa1 16168->16176 16170 7ff7a0c3eb98 _set_fmode 11 API calls 16169->16170 16171 7ff7a0c40fdd 16170->16171 16172 7ff7a0c4103e 16171->16172 16177 7ff7a0c3eb98 _set_fmode 11 API calls 16171->16177 16178 7ff7a0c3a948 __free_lconv_num 11 API calls 16171->16178 16179 7ff7a0c3a4a4 __std_exception_copy 37 API calls 16171->16179 16180 7ff7a0c4104d 16171->16180 16182 7ff7a0c41062 16171->16182 16174 7ff7a0c3a948 __free_lconv_num 11 API calls 16172->16174 16174->16176 16176->16021 16177->16171 16178->16171 16179->16171 16181 7ff7a0c3a900 _isindst 17 API calls 16180->16181 16181->16182 16369 7ff7a0c3a504 16182->16369 16184 7ff7a0c396d0 16183->16184 16185 7ff7a0c396d9 16183->16185 16184->16185 16435 7ff7a0c39198 16184->16435 16185->16038 16185->16039 16190 7ff7a0c3a94d RtlFreeHeap 16189->16190 16192 7ff7a0c3a97c 16189->16192 16191 7ff7a0c3a968 GetLastError 16190->16191 16190->16192 16193 7ff7a0c3a975 __free_lconv_num 16191->16193 16192->16036 16194 7ff7a0c34f08 _set_fmode 9 API calls 16193->16194 16194->16192 16196 7ff7a0c47139 16195->16196 16197 7ff7a0c46254 16195->16197 16199 7ff7a0c34f4c 45 API calls 16196->16199 16198 7ff7a0c46261 16197->16198 16203 7ff7a0c46297 16197->16203 16201 7ff7a0c34f08 _set_fmode 11 API calls 16198->16201 16215 7ff7a0c46208 16198->16215 16200 7ff7a0c4716d 16199->16200 16208 7ff7a0c47183 16200->16208 16212 7ff7a0c4719a 16200->16212 16226 7ff7a0c47172 16200->16226 16204 7ff7a0c4626b 16201->16204 16202 7ff7a0c462c1 16205 7ff7a0c34f08 _set_fmode 11 API calls 16202->16205 16203->16202 16207 7ff7a0c462e6 16203->16207 16209 7ff7a0c3a8e0 _invalid_parameter_noinfo 37 API calls 16204->16209 16206 7ff7a0c462c6 16205->16206 16210 7ff7a0c3a8e0 _invalid_parameter_noinfo 37 API calls 16206->16210 16211 7ff7a0c462d1 16207->16211 16216 7ff7a0c34f4c 45 API calls 16207->16216 16213 7ff7a0c34f08 _set_fmode 11 API calls 16208->16213 16214 7ff7a0c46276 16209->16214 16210->16211 16211->16032 16218 7ff7a0c471b6 16212->16218 16219 7ff7a0c471a4 16212->16219 16217 7ff7a0c47188 16213->16217 16214->16032 16215->16032 16216->16211 16222 7ff7a0c3a8e0 _invalid_parameter_noinfo 37 API calls 16217->16222 16220 7ff7a0c471c7 16218->16220 16221 7ff7a0c471de 16218->16221 16223 7ff7a0c34f08 _set_fmode 11 API calls 16219->16223 16728 7ff7a0c462a4 16220->16728 16737 7ff7a0c48f4c 16221->16737 16222->16226 16227 7ff7a0c471a9 16223->16227 16226->16032 16228 7ff7a0c3a8e0 _invalid_parameter_noinfo 37 API calls 16227->16228 16228->16226 16230 7ff7a0c34f08 _set_fmode 11 API calls 16230->16226 16232 7ff7a0c433fe 16231->16232 16233 7ff7a0c4341b 16231->16233 16232->16233 16234 7ff7a0c4340c 16232->16234 16235 7ff7a0c43425 16233->16235 16777 7ff7a0c47c38 16233->16777 16236 7ff7a0c34f08 _set_fmode 11 API calls 16234->16236 16784 7ff7a0c47c74 16235->16784 16239 7ff7a0c43411 __scrt_get_show_window_mode 16236->16239 16239->16057 16241 7ff7a0c34f4c 45 API calls 16240->16241 16242 7ff7a0c472aa 16241->16242 16246 7ff7a0c472b8 16242->16246 16796 7ff7a0c3ef24 16242->16796 16799 7ff7a0c354ac 16246->16799 16247 7ff7a0c473a4 16250 7ff7a0c473b5 16247->16250 16251 7ff7a0c3a948 __free_lconv_num 11 API calls 16247->16251 16248 7ff7a0c34f4c 45 API calls 16249 7ff7a0c47327 16248->16249 16253 7ff7a0c3ef24 5 API calls 16249->16253 16256 7ff7a0c47330 16249->16256 16252 7ff7a0c40ba3 16250->16252 16254 7ff7a0c3a948 __free_lconv_num 11 API calls 16250->16254 16251->16250 16252->16074 16252->16075 16253->16256 16254->16252 16255 7ff7a0c354ac 14 API calls 16257 7ff7a0c4738b 16255->16257 16256->16255 16257->16247 16258 7ff7a0c47393 SetEnvironmentVariableW 16257->16258 16258->16247 16262 7ff7a0c435d0 16259->16262 16267 7ff7a0c402d8 EnterCriticalSection 16262->16267 16271 7ff7a0c3a778 16268->16271 16270 7ff7a0c3a8f9 16270->16158 16272 7ff7a0c3a7a3 16271->16272 16275 7ff7a0c3a814 16272->16275 16274 7ff7a0c3a7ca 16274->16270 16285 7ff7a0c3a55c 16275->16285 16278 7ff7a0c3a84f 16278->16274 16281 7ff7a0c3a900 _isindst 17 API calls 16282 7ff7a0c3a8df 16281->16282 16283 7ff7a0c3a778 _invalid_parameter_noinfo 37 API calls 16282->16283 16284 7ff7a0c3a8f9 16283->16284 16284->16274 16286 7ff7a0c3a578 GetLastError 16285->16286 16287 7ff7a0c3a5b3 16285->16287 16288 7ff7a0c3a588 16286->16288 16287->16278 16291 7ff7a0c3a5c8 16287->16291 16294 7ff7a0c3b390 16288->16294 16292 7ff7a0c3a5fc 16291->16292 16293 7ff7a0c3a5e4 GetLastError SetLastError 16291->16293 16292->16278 16292->16281 16293->16292 16295 7ff7a0c3b3ca FlsSetValue 16294->16295 16296 7ff7a0c3b3af FlsGetValue 16294->16296 16298 7ff7a0c3b3d7 16295->16298 16299 7ff7a0c3a5a3 SetLastError 16295->16299 16297 7ff7a0c3b3c4 16296->16297 16296->16299 16297->16295 16300 7ff7a0c3eb98 _set_fmode 11 API calls 16298->16300 16299->16287 16301 7ff7a0c3b3e6 16300->16301 16302 7ff7a0c3b404 FlsSetValue 16301->16302 16303 7ff7a0c3b3f4 FlsSetValue 16301->16303 16305 7ff7a0c3b422 16302->16305 16306 7ff7a0c3b410 FlsSetValue 16302->16306 16304 7ff7a0c3b3fd 16303->16304 16307 7ff7a0c3a948 __free_lconv_num 11 API calls 16304->16307 16311 7ff7a0c3aef4 16305->16311 16306->16304 16307->16299 16316 7ff7a0c3adcc 16311->16316 16328 7ff7a0c402d8 EnterCriticalSection 16316->16328 16331 7ff7a0c3a64e _isindst __scrt_get_show_window_mode 16330->16331 16332 7ff7a0c3a676 RtlCaptureContext RtlLookupFunctionEntry 16331->16332 16333 7ff7a0c3a6b0 RtlVirtualUnwind 16332->16333 16334 7ff7a0c3a6e6 IsDebuggerPresent SetUnhandledExceptionFilter UnhandledExceptionFilter 16332->16334 16333->16334 16335 7ff7a0c3a738 _isindst 16334->16335 16338 7ff7a0c2c550 16335->16338 16339 7ff7a0c2c559 16338->16339 16340 7ff7a0c2c564 GetCurrentProcess TerminateProcess 16339->16340 16341 7ff7a0c2c8e0 IsProcessorFeaturePresent 16339->16341 16342 7ff7a0c2c8f8 16341->16342 16347 7ff7a0c2cad8 RtlCaptureContext 16342->16347 16348 7ff7a0c2caf2 RtlLookupFunctionEntry 16347->16348 16349 7ff7a0c2cb08 RtlVirtualUnwind 16348->16349 16350 7ff7a0c2c90b 16348->16350 16349->16348 16349->16350 16351 7ff7a0c2c8a0 SetUnhandledExceptionFilter UnhandledExceptionFilter GetCurrentProcess TerminateProcess 16350->16351 16353 7ff7a0c3b309 FlsSetValue 16352->16353 16359 7ff7a0c3b2ec 16352->16359 16354 7ff7a0c3b31b 16353->16354 16358 7ff7a0c3b2f9 16353->16358 16356 7ff7a0c3eb98 _set_fmode 5 API calls 16354->16356 16355 7ff7a0c3b375 SetLastError 16355->16167 16357 7ff7a0c3b32a 16356->16357 16360 7ff7a0c3b348 FlsSetValue 16357->16360 16361 7ff7a0c3b338 FlsSetValue 16357->16361 16358->16355 16359->16353 16359->16358 16363 7ff7a0c3b366 16360->16363 16364 7ff7a0c3b354 FlsSetValue 16360->16364 16362 7ff7a0c3b341 16361->16362 16365 7ff7a0c3a948 __free_lconv_num 5 API calls 16362->16365 16366 7ff7a0c3aef4 _set_fmode 5 API calls 16363->16366 16364->16362 16365->16358 16367 7ff7a0c3b36e 16366->16367 16368 7ff7a0c3a948 __free_lconv_num 5 API calls 16367->16368 16368->16355 16378 7ff7a0c43650 16369->16378 16404 7ff7a0c43608 16378->16404 16409 7ff7a0c402d8 EnterCriticalSection 16404->16409 16436 7ff7a0c391b1 16435->16436 16449 7ff7a0c391ad 16435->16449 16458 7ff7a0c425f0 16436->16458 16441 7ff7a0c391cf 16484 7ff7a0c3927c 16441->16484 16442 7ff7a0c391c3 16443 7ff7a0c3a948 __free_lconv_num 11 API calls 16442->16443 16443->16449 16446 7ff7a0c3a948 __free_lconv_num 11 API calls 16447 7ff7a0c391f6 16446->16447 16448 7ff7a0c3a948 __free_lconv_num 11 API calls 16447->16448 16448->16449 16449->16185 16450 7ff7a0c394ec 16449->16450 16451 7ff7a0c39515 16450->16451 16456 7ff7a0c3952e 16450->16456 16451->16185 16452 7ff7a0c3eb98 _set_fmode 11 API calls 16452->16456 16453 7ff7a0c395be 16455 7ff7a0c3a948 __free_lconv_num 11 API calls 16453->16455 16454 7ff7a0c407e8 WideCharToMultiByte 16454->16456 16455->16451 16456->16451 16456->16452 16456->16453 16456->16454 16457 7ff7a0c3a948 __free_lconv_num 11 API calls 16456->16457 16457->16456 16459 7ff7a0c391b6 16458->16459 16460 7ff7a0c425fd 16458->16460 16464 7ff7a0c4292c GetEnvironmentStringsW 16459->16464 16503 7ff7a0c3b224 16460->16503 16465 7ff7a0c4295c 16464->16465 16466 7ff7a0c391bb 16464->16466 16467 7ff7a0c407e8 WideCharToMultiByte 16465->16467 16466->16441 16466->16442 16468 7ff7a0c429ad 16467->16468 16469 7ff7a0c429b4 FreeEnvironmentStringsW 16468->16469 16470 7ff7a0c3d5fc _fread_nolock 12 API calls 16468->16470 16469->16466 16471 7ff7a0c429c7 16470->16471 16472 7ff7a0c429d8 16471->16472 16473 7ff7a0c429cf 16471->16473 16474 7ff7a0c407e8 WideCharToMultiByte 16472->16474 16475 7ff7a0c3a948 __free_lconv_num 11 API calls 16473->16475 16476 7ff7a0c429fb 16474->16476 16477 7ff7a0c429d6 16475->16477 16478 7ff7a0c42a09 16476->16478 16479 7ff7a0c429ff 16476->16479 16477->16469 16481 7ff7a0c3a948 __free_lconv_num 11 API calls 16478->16481 16480 7ff7a0c3a948 __free_lconv_num 11 API calls 16479->16480 16482 7ff7a0c42a07 FreeEnvironmentStringsW 16480->16482 16481->16482 16482->16466 16485 7ff7a0c392a1 16484->16485 16485->16485 16486 7ff7a0c3eb98 _set_fmode 11 API calls 16485->16486 16499 7ff7a0c392d7 16486->16499 16487 7ff7a0c392df 16488 7ff7a0c3a948 __free_lconv_num 11 API calls 16487->16488 16489 7ff7a0c391d7 16488->16489 16489->16446 16490 7ff7a0c39352 16491 7ff7a0c3a948 __free_lconv_num 11 API calls 16490->16491 16491->16489 16492 7ff7a0c3eb98 _set_fmode 11 API calls 16492->16499 16493 7ff7a0c39341 16722 7ff7a0c394a8 16493->16722 16495 7ff7a0c3a4a4 __std_exception_copy 37 API calls 16495->16499 16497 7ff7a0c3a948 __free_lconv_num 11 API calls 16497->16487 16498 7ff7a0c39377 16500 7ff7a0c3a900 _isindst 17 API calls 16498->16500 16499->16487 16499->16490 16499->16492 16499->16493 16499->16495 16499->16498 16501 7ff7a0c3a948 __free_lconv_num 11 API calls 16499->16501 16502 7ff7a0c3938a 16500->16502 16501->16499 16504 7ff7a0c3b250 FlsSetValue 16503->16504 16505 7ff7a0c3b235 FlsGetValue 16503->16505 16506 7ff7a0c3b25d 16504->16506 16507 7ff7a0c3b242 16504->16507 16505->16507 16508 7ff7a0c3b24a 16505->16508 16509 7ff7a0c3eb98 _set_fmode 11 API calls 16506->16509 16510 7ff7a0c3b248 16507->16510 16511 7ff7a0c3a504 __CxxCallCatchBlock 45 API calls 16507->16511 16508->16504 16513 7ff7a0c3b26c 16509->16513 16523 7ff7a0c422c4 16510->16523 16512 7ff7a0c3b2c5 16511->16512 16514 7ff7a0c3b28a FlsSetValue 16513->16514 16515 7ff7a0c3b27a FlsSetValue 16513->16515 16517 7ff7a0c3b2a8 16514->16517 16518 7ff7a0c3b296 FlsSetValue 16514->16518 16516 7ff7a0c3b283 16515->16516 16519 7ff7a0c3a948 __free_lconv_num 11 API calls 16516->16519 16520 7ff7a0c3aef4 _set_fmode 11 API calls 16517->16520 16518->16516 16519->16507 16521 7ff7a0c3b2b0 16520->16521 16522 7ff7a0c3a948 __free_lconv_num 11 API calls 16521->16522 16522->16510 16546 7ff7a0c42534 16523->16546 16525 7ff7a0c422f9 16561 7ff7a0c41fc4 16525->16561 16530 7ff7a0c4232f 16531 7ff7a0c3a948 __free_lconv_num 11 API calls 16530->16531 16545 7ff7a0c42316 16531->16545 16532 7ff7a0c4233e 16532->16532 16575 7ff7a0c4266c 16532->16575 16535 7ff7a0c4243a 16536 7ff7a0c34f08 _set_fmode 11 API calls 16535->16536 16538 7ff7a0c4243f 16536->16538 16537 7ff7a0c42495 16540 7ff7a0c424fc 16537->16540 16586 7ff7a0c41df4 16537->16586 16541 7ff7a0c3a948 __free_lconv_num 11 API calls 16538->16541 16539 7ff7a0c42454 16539->16537 16542 7ff7a0c3a948 __free_lconv_num 11 API calls 16539->16542 16544 7ff7a0c3a948 __free_lconv_num 11 API calls 16540->16544 16541->16545 16542->16537 16544->16545 16545->16459 16547 7ff7a0c42557 16546->16547 16550 7ff7a0c42561 16547->16550 16601 7ff7a0c402d8 EnterCriticalSection 16547->16601 16551 7ff7a0c425d3 16550->16551 16554 7ff7a0c3a504 __CxxCallCatchBlock 45 API calls 16550->16554 16551->16525 16555 7ff7a0c425eb 16554->16555 16557 7ff7a0c42642 16555->16557 16558 7ff7a0c3b224 50 API calls 16555->16558 16557->16525 16559 7ff7a0c4262c 16558->16559 16560 7ff7a0c422c4 65 API calls 16559->16560 16560->16557 16602 7ff7a0c34f4c 16561->16602 16564 7ff7a0c41ff6 16566 7ff7a0c41ffb GetACP 16564->16566 16567 7ff7a0c4200b 16564->16567 16565 7ff7a0c41fe4 GetOEMCP 16565->16567 16566->16567 16567->16545 16568 7ff7a0c3d5fc 16567->16568 16569 7ff7a0c3d647 16568->16569 16570 7ff7a0c3d60b _set_fmode 16568->16570 16571 7ff7a0c34f08 _set_fmode 11 API calls 16569->16571 16570->16569 16572 7ff7a0c3d62e HeapAlloc 16570->16572 16574 7ff7a0c43590 _set_fmode 2 API calls 16570->16574 16573 7ff7a0c3d645 16571->16573 16572->16570 16572->16573 16573->16530 16573->16532 16574->16570 16576 7ff7a0c41fc4 47 API calls 16575->16576 16577 7ff7a0c42699 16576->16577 16578 7ff7a0c427ef 16577->16578 16580 7ff7a0c426d6 IsValidCodePage 16577->16580 16585 7ff7a0c426f0 __scrt_get_show_window_mode 16577->16585 16579 7ff7a0c2c550 _log10_special 8 API calls 16578->16579 16581 7ff7a0c42431 16579->16581 16580->16578 16582 7ff7a0c426e7 16580->16582 16581->16535 16581->16539 16583 7ff7a0c42716 GetCPInfo 16582->16583 16582->16585 16583->16578 16583->16585 16634 7ff7a0c420dc 16585->16634 16721 7ff7a0c402d8 EnterCriticalSection 16586->16721 16603 7ff7a0c34f70 16602->16603 16609 7ff7a0c34f6b 16602->16609 16604 7ff7a0c3b150 __CxxCallCatchBlock 45 API calls 16603->16604 16603->16609 16605 7ff7a0c34f8b 16604->16605 16610 7ff7a0c3d984 16605->16610 16609->16564 16609->16565 16611 7ff7a0c3d999 16610->16611 16613 7ff7a0c34fae 16610->16613 16611->16613 16618 7ff7a0c43304 16611->16618 16614 7ff7a0c3d9f0 16613->16614 16615 7ff7a0c3da05 16614->16615 16617 7ff7a0c3da18 16614->16617 16615->16617 16631 7ff7a0c42650 16615->16631 16617->16609 16619 7ff7a0c3b150 __CxxCallCatchBlock 45 API calls 16618->16619 16620 7ff7a0c43313 16619->16620 16621 7ff7a0c4335e 16620->16621 16630 7ff7a0c402d8 EnterCriticalSection 16620->16630 16621->16613 16632 7ff7a0c3b150 __CxxCallCatchBlock 45 API calls 16631->16632 16633 7ff7a0c42659 16632->16633 16635 7ff7a0c42119 GetCPInfo 16634->16635 16636 7ff7a0c4220f 16634->16636 16635->16636 16640 7ff7a0c4212c 16635->16640 16637 7ff7a0c2c550 _log10_special 8 API calls 16636->16637 16639 7ff7a0c422ae 16637->16639 16639->16578 16645 7ff7a0c42e40 16640->16645 16646 7ff7a0c34f4c 45 API calls 16645->16646 16647 7ff7a0c42e82 16646->16647 16665 7ff7a0c3f8a0 16647->16665 16667 7ff7a0c3f8a9 MultiByteToWideChar 16665->16667 16726 7ff7a0c394ad 16722->16726 16727 7ff7a0c39349 16722->16727 16723 7ff7a0c394d6 16725 7ff7a0c3a948 __free_lconv_num 11 API calls 16723->16725 16724 7ff7a0c3a948 __free_lconv_num 11 API calls 16724->16726 16725->16727 16726->16723 16726->16724 16727->16497 16729 7ff7a0c462d8 16728->16729 16730 7ff7a0c462c1 16728->16730 16729->16730 16733 7ff7a0c462e6 16729->16733 16731 7ff7a0c34f08 _set_fmode 11 API calls 16730->16731 16732 7ff7a0c462c6 16731->16732 16734 7ff7a0c3a8e0 _invalid_parameter_noinfo 37 API calls 16732->16734 16735 7ff7a0c34f4c 45 API calls 16733->16735 16736 7ff7a0c462d1 16733->16736 16734->16736 16735->16736 16736->16226 16738 7ff7a0c34f4c 45 API calls 16737->16738 16739 7ff7a0c48f71 16738->16739 16742 7ff7a0c48bc8 16739->16742 16743 7ff7a0c48c16 16742->16743 16746 7ff7a0c48c9d 16743->16746 16748 7ff7a0c48c88 GetCPInfo 16743->16748 16751 7ff7a0c48ca1 16743->16751 16744 7ff7a0c2c550 _log10_special 8 API calls 16745 7ff7a0c47205 16744->16745 16745->16226 16745->16230 16747 7ff7a0c3f8a0 _fread_nolock MultiByteToWideChar 16746->16747 16746->16751 16749 7ff7a0c48d35 16747->16749 16748->16746 16748->16751 16750 7ff7a0c3d5fc _fread_nolock 12 API calls 16749->16750 16749->16751 16752 7ff7a0c48d6c 16749->16752 16750->16752 16751->16744 16752->16751 16753 7ff7a0c3f8a0 _fread_nolock MultiByteToWideChar 16752->16753 16754 7ff7a0c48dda 16753->16754 16755 7ff7a0c48ebc 16754->16755 16756 7ff7a0c3f8a0 _fread_nolock MultiByteToWideChar 16754->16756 16755->16751 16757 7ff7a0c3a948 __free_lconv_num 11 API calls 16755->16757 16758 7ff7a0c48e00 16756->16758 16757->16751 16758->16755 16759 7ff7a0c3d5fc _fread_nolock 12 API calls 16758->16759 16760 7ff7a0c48e2d 16758->16760 16759->16760 16760->16755 16761 7ff7a0c3f8a0 _fread_nolock MultiByteToWideChar 16760->16761 16762 7ff7a0c48ea4 16761->16762 16763 7ff7a0c48eaa 16762->16763 16764 7ff7a0c48ec4 16762->16764 16763->16755 16767 7ff7a0c3a948 __free_lconv_num 11 API calls 16763->16767 16771 7ff7a0c3ef68 16764->16771 16767->16755 16768 7ff7a0c48f03 16768->16751 16770 7ff7a0c3a948 __free_lconv_num 11 API calls 16768->16770 16769 7ff7a0c3a948 __free_lconv_num 11 API calls 16769->16768 16770->16751 16772 7ff7a0c3ed10 __crtLCMapStringW 5 API calls 16771->16772 16773 7ff7a0c3efa6 16772->16773 16774 7ff7a0c3efae 16773->16774 16775 7ff7a0c3f1d0 __crtLCMapStringW 5 API calls 16773->16775 16774->16768 16774->16769 16776 7ff7a0c3f017 CompareStringW 16775->16776 16776->16774 16778 7ff7a0c47c5a HeapSize 16777->16778 16779 7ff7a0c47c41 16777->16779 16780 7ff7a0c34f08 _set_fmode 11 API calls 16779->16780 16781 7ff7a0c47c46 16780->16781 16782 7ff7a0c3a8e0 _invalid_parameter_noinfo 37 API calls 16781->16782 16783 7ff7a0c47c51 16782->16783 16783->16235 16785 7ff7a0c47c89 16784->16785 16786 7ff7a0c47c93 16784->16786 16787 7ff7a0c3d5fc _fread_nolock 12 API calls 16785->16787 16788 7ff7a0c47c98 16786->16788 16794 7ff7a0c47c9f _set_fmode 16786->16794 16792 7ff7a0c47c91 16787->16792 16789 7ff7a0c3a948 __free_lconv_num 11 API calls 16788->16789 16789->16792 16790 7ff7a0c47cd2 HeapReAlloc 16790->16792 16790->16794 16791 7ff7a0c47ca5 16793 7ff7a0c34f08 _set_fmode 11 API calls 16791->16793 16792->16239 16793->16792 16794->16790 16794->16791 16795 7ff7a0c43590 _set_fmode 2 API calls 16794->16795 16795->16794 16797 7ff7a0c3ed10 __crtLCMapStringW 5 API calls 16796->16797 16798 7ff7a0c3ef44 16797->16798 16798->16246 16800 7ff7a0c354fa 16799->16800 16801 7ff7a0c354d6 16799->16801 16802 7ff7a0c354ff 16800->16802 16803 7ff7a0c35554 16800->16803 16805 7ff7a0c3a948 __free_lconv_num 11 API calls 16801->16805 16808 7ff7a0c354e5 16801->16808 16806 7ff7a0c35514 16802->16806 16802->16808 16809 7ff7a0c3a948 __free_lconv_num 11 API calls 16802->16809 16804 7ff7a0c3f8a0 _fread_nolock MultiByteToWideChar 16803->16804 16815 7ff7a0c35570 16804->16815 16805->16808 16810 7ff7a0c3d5fc _fread_nolock 12 API calls 16806->16810 16807 7ff7a0c35577 GetLastError 16821 7ff7a0c34e7c 16807->16821 16808->16247 16808->16248 16809->16806 16810->16808 16812 7ff7a0c355b2 16812->16808 16816 7ff7a0c3f8a0 _fread_nolock MultiByteToWideChar 16812->16816 16814 7ff7a0c355a5 16819 7ff7a0c3d5fc _fread_nolock 12 API calls 16814->16819 16815->16807 16815->16812 16815->16814 16818 7ff7a0c3a948 __free_lconv_num 11 API calls 16815->16818 16820 7ff7a0c355f6 16816->16820 16817 7ff7a0c34f08 _set_fmode 11 API calls 16817->16808 16818->16814 16819->16812 16820->16807 16820->16808 16822 7ff7a0c3b2c8 _set_fmode 11 API calls 16821->16822 16823 7ff7a0c34e89 __free_lconv_num 16822->16823 16824 7ff7a0c3b2c8 _set_fmode 11 API calls 16823->16824 16825 7ff7a0c34eab 16824->16825 16825->16817 19722 7ff7a0c3afd0 19723 7ff7a0c3afd5 19722->19723 19727 7ff7a0c3afea 19722->19727 19728 7ff7a0c3aff0 19723->19728 19729 7ff7a0c3b03a 19728->19729 19730 7ff7a0c3b032 19728->19730 19732 7ff7a0c3a948 __free_lconv_num 11 API calls 19729->19732 19731 7ff7a0c3a948 __free_lconv_num 11 API calls 19730->19731 19731->19729 19733 7ff7a0c3b047 19732->19733 19734 7ff7a0c3a948 __free_lconv_num 11 API calls 19733->19734 19735 7ff7a0c3b054 19734->19735 19736 7ff7a0c3a948 __free_lconv_num 11 API calls 19735->19736 19737 7ff7a0c3b061 19736->19737 19738 7ff7a0c3a948 __free_lconv_num 11 API calls 19737->19738 19739 7ff7a0c3b06e 19738->19739 19740 7ff7a0c3a948 __free_lconv_num 11 API calls 19739->19740 19741 7ff7a0c3b07b 19740->19741 19742 7ff7a0c3a948 __free_lconv_num 11 API calls 19741->19742 19743 7ff7a0c3b088 19742->19743 19744 7ff7a0c3a948 __free_lconv_num 11 API calls 19743->19744 19745 7ff7a0c3b095 19744->19745 19746 7ff7a0c3a948 __free_lconv_num 11 API calls 19745->19746 19747 7ff7a0c3b0a5 19746->19747 19748 7ff7a0c3a948 __free_lconv_num 11 API calls 19747->19748 19749 7ff7a0c3b0b5 19748->19749 19754 7ff7a0c3ae94 19749->19754 19768 7ff7a0c402d8 EnterCriticalSection 19754->19768 19930 7ff7a0c39d50 19933 7ff7a0c39ccc 19930->19933 19940 7ff7a0c402d8 EnterCriticalSection 19933->19940 19944 7ff7a0c2cb50 19945 7ff7a0c2cb60 19944->19945 19961 7ff7a0c39ba8 19945->19961 19947 7ff7a0c2cb6c 19967 7ff7a0c2ce48 19947->19967 19949 7ff7a0c2d12c 7 API calls 19951 7ff7a0c2cc05 19949->19951 19950 7ff7a0c2cb84 _RTC_Initialize 19959 7ff7a0c2cbd9 19950->19959 19972 7ff7a0c2cff8 19950->19972 19953 7ff7a0c2cb99 19975 7ff7a0c39014 19953->19975 19959->19949 19960 7ff7a0c2cbf5 19959->19960 19962 7ff7a0c39bb9 19961->19962 19963 7ff7a0c34f08 _set_fmode 11 API calls 19962->19963 19964 7ff7a0c39bc1 19962->19964 19965 7ff7a0c39bd0 19963->19965 19964->19947 19966 7ff7a0c3a8e0 _invalid_parameter_noinfo 37 API calls 19965->19966 19966->19964 19968 7ff7a0c2ce59 19967->19968 19971 7ff7a0c2ce5e __scrt_release_startup_lock 19967->19971 19969 7ff7a0c2d12c 7 API calls 19968->19969 19968->19971 19970 7ff7a0c2ced2 19969->19970 19971->19950 20000 7ff7a0c2cfbc 19972->20000 19974 7ff7a0c2d001 19974->19953 19976 7ff7a0c39034 19975->19976 19983 7ff7a0c2cba5 19975->19983 19977 7ff7a0c3903c 19976->19977 19978 7ff7a0c39052 GetModuleFileNameW 19976->19978 19979 7ff7a0c34f08 _set_fmode 11 API calls 19977->19979 19980 7ff7a0c3907d 19978->19980 19981 7ff7a0c39041 19979->19981 20015 7ff7a0c38fb4 19980->20015 19982 7ff7a0c3a8e0 _invalid_parameter_noinfo 37 API calls 19981->19982 19982->19983 19983->19959 19999 7ff7a0c2d0cc InitializeSListHead 19983->19999 19986 7ff7a0c390c5 19987 7ff7a0c34f08 _set_fmode 11 API calls 19986->19987 19988 7ff7a0c390ca 19987->19988 19989 7ff7a0c3a948 __free_lconv_num 11 API calls 19988->19989 19989->19983 19990 7ff7a0c390ff 19992 7ff7a0c3a948 __free_lconv_num 11 API calls 19990->19992 19991 7ff7a0c390dd 19991->19990 19993 7ff7a0c3912b 19991->19993 19994 7ff7a0c39144 19991->19994 19992->19983 19995 7ff7a0c3a948 __free_lconv_num 11 API calls 19993->19995 19997 7ff7a0c3a948 __free_lconv_num 11 API calls 19994->19997 19996 7ff7a0c39134 19995->19996 19998 7ff7a0c3a948 __free_lconv_num 11 API calls 19996->19998 19997->19990 19998->19983 20001 7ff7a0c2cfd6 20000->20001 20003 7ff7a0c2cfcf 20000->20003 20004 7ff7a0c3a1ec 20001->20004 20003->19974 20007 7ff7a0c39e28 20004->20007 20014 7ff7a0c402d8 EnterCriticalSection 20007->20014 20016 7ff7a0c38fcc 20015->20016 20020 7ff7a0c39004 20015->20020 20017 7ff7a0c3eb98 _set_fmode 11 API calls 20016->20017 20016->20020 20018 7ff7a0c38ffa 20017->20018 20019 7ff7a0c3a948 __free_lconv_num 11 API calls 20018->20019 20019->20020 20020->19986 20020->19991 17090 7ff7a0c2cc3c 17111 7ff7a0c2ce0c 17090->17111 17093 7ff7a0c2cd88 17265 7ff7a0c2d12c IsProcessorFeaturePresent 17093->17265 17094 7ff7a0c2cc58 __scrt_acquire_startup_lock 17096 7ff7a0c2cd92 17094->17096 17101 7ff7a0c2cc76 __scrt_release_startup_lock 17094->17101 17097 7ff7a0c2d12c 7 API calls 17096->17097 17099 7ff7a0c2cd9d __CxxCallCatchBlock 17097->17099 17098 7ff7a0c2cc9b 17100 7ff7a0c2cd21 17117 7ff7a0c2d274 17100->17117 17101->17098 17101->17100 17254 7ff7a0c39b2c 17101->17254 17103 7ff7a0c2cd26 17120 7ff7a0c21000 17103->17120 17108 7ff7a0c2cd49 17108->17099 17261 7ff7a0c2cf90 17108->17261 17112 7ff7a0c2ce14 17111->17112 17113 7ff7a0c2ce20 __scrt_dllmain_crt_thread_attach 17112->17113 17114 7ff7a0c2cc50 17113->17114 17115 7ff7a0c2ce2d 17113->17115 17114->17093 17114->17094 17115->17114 17272 7ff7a0c2d888 17115->17272 17118 7ff7a0c4a4d0 __scrt_get_show_window_mode 17117->17118 17119 7ff7a0c2d28b GetStartupInfoW 17118->17119 17119->17103 17121 7ff7a0c21009 17120->17121 17299 7ff7a0c35484 17121->17299 17123 7ff7a0c237fb 17306 7ff7a0c236b0 17123->17306 17127 7ff7a0c2c550 _log10_special 8 API calls 17129 7ff7a0c23ca7 17127->17129 17259 7ff7a0c2d2b8 GetModuleHandleW 17129->17259 17130 7ff7a0c2383c 17473 7ff7a0c21c80 17130->17473 17131 7ff7a0c2391b 17482 7ff7a0c245c0 17131->17482 17135 7ff7a0c2385b 17378 7ff7a0c28830 17135->17378 17137 7ff7a0c2396a 17505 7ff7a0c22710 17137->17505 17138 7ff7a0c2388e 17148 7ff7a0c238bb __std_exception_destroy 17138->17148 17477 7ff7a0c289a0 17138->17477 17141 7ff7a0c2395d 17142 7ff7a0c23962 17141->17142 17143 7ff7a0c23984 17141->17143 17501 7ff7a0c3004c 17142->17501 17144 7ff7a0c21c80 49 API calls 17143->17144 17147 7ff7a0c239a3 17144->17147 17152 7ff7a0c21950 115 API calls 17147->17152 17149 7ff7a0c28830 14 API calls 17148->17149 17158 7ff7a0c238de __std_exception_destroy 17148->17158 17149->17158 17151 7ff7a0c23a0b 17153 7ff7a0c289a0 40 API calls 17151->17153 17154 7ff7a0c239ce 17152->17154 17155 7ff7a0c23a17 17153->17155 17154->17135 17157 7ff7a0c239de 17154->17157 17156 7ff7a0c289a0 40 API calls 17155->17156 17159 7ff7a0c23a23 17156->17159 17160 7ff7a0c22710 54 API calls 17157->17160 17162 7ff7a0c2390e __std_exception_destroy 17158->17162 17391 7ff7a0c28940 17158->17391 17161 7ff7a0c289a0 40 API calls 17159->17161 17201 7ff7a0c23808 __std_exception_destroy 17160->17201 17161->17162 17163 7ff7a0c28830 14 API calls 17162->17163 17164 7ff7a0c23a3b 17163->17164 17165 7ff7a0c23b2f 17164->17165 17166 7ff7a0c23a60 __std_exception_destroy 17164->17166 17167 7ff7a0c22710 54 API calls 17165->17167 17168 7ff7a0c28940 40 API calls 17166->17168 17173 7ff7a0c23aab 17166->17173 17167->17201 17168->17173 17169 7ff7a0c28830 14 API calls 17170 7ff7a0c23bf4 __std_exception_destroy 17169->17170 17171 7ff7a0c23d41 17170->17171 17172 7ff7a0c23c46 17170->17172 17516 7ff7a0c244e0 17171->17516 17174 7ff7a0c23c50 17172->17174 17175 7ff7a0c23cd4 17172->17175 17173->17169 17398 7ff7a0c290e0 17174->17398 17178 7ff7a0c28830 14 API calls 17175->17178 17181 7ff7a0c23ce0 17178->17181 17179 7ff7a0c23d4f 17182 7ff7a0c23d71 17179->17182 17183 7ff7a0c23d65 17179->17183 17186 7ff7a0c23c61 17181->17186 17187 7ff7a0c23ced 17181->17187 17185 7ff7a0c21c80 49 API calls 17182->17185 17519 7ff7a0c24630 17183->17519 17195 7ff7a0c23cc8 __std_exception_destroy 17185->17195 17189 7ff7a0c22710 54 API calls 17186->17189 17190 7ff7a0c21c80 49 API calls 17187->17190 17189->17201 17193 7ff7a0c23d0b 17190->17193 17191 7ff7a0c23dc4 17448 7ff7a0c29390 17191->17448 17193->17195 17196 7ff7a0c23d12 17193->17196 17195->17191 17197 7ff7a0c23da7 SetDllDirectoryW LoadLibraryExW 17195->17197 17199 7ff7a0c22710 54 API calls 17196->17199 17197->17191 17198 7ff7a0c23dd7 SetDllDirectoryW 17202 7ff7a0c23e0a 17198->17202 17243 7ff7a0c23e5a 17198->17243 17199->17201 17201->17127 17204 7ff7a0c28830 14 API calls 17202->17204 17203 7ff7a0c24008 17206 7ff7a0c24012 PostMessageW GetMessageW 17203->17206 17207 7ff7a0c24035 17203->17207 17211 7ff7a0c23e16 __std_exception_destroy 17204->17211 17205 7ff7a0c23f1b 17453 7ff7a0c233c0 17205->17453 17206->17207 17596 7ff7a0c23360 17207->17596 17213 7ff7a0c23ef2 17211->17213 17217 7ff7a0c23e4e 17211->17217 17216 7ff7a0c28940 40 API calls 17213->17216 17216->17243 17217->17243 17522 7ff7a0c26dc0 17217->17522 17223 7ff7a0c26fc0 FreeLibrary 17225 7ff7a0c2405b 17223->17225 17231 7ff7a0c23e81 17234 7ff7a0c23ea2 17231->17234 17245 7ff7a0c23e85 17231->17245 17543 7ff7a0c26e00 17231->17543 17234->17245 17243->17203 17243->17205 17245->17243 17255 7ff7a0c39b64 17254->17255 17256 7ff7a0c39b43 17254->17256 19524 7ff7a0c3a3d8 17255->19524 17256->17100 17260 7ff7a0c2d2c9 17259->17260 17260->17108 17263 7ff7a0c2cfa1 17261->17263 17262 7ff7a0c2cd60 17262->17098 17263->17262 17264 7ff7a0c2d888 7 API calls 17263->17264 17264->17262 17266 7ff7a0c2d152 _isindst __scrt_get_show_window_mode 17265->17266 17267 7ff7a0c2d171 RtlCaptureContext RtlLookupFunctionEntry 17266->17267 17268 7ff7a0c2d19a RtlVirtualUnwind 17267->17268 17269 7ff7a0c2d1d6 __scrt_get_show_window_mode 17267->17269 17268->17269 17270 7ff7a0c2d208 IsDebuggerPresent SetUnhandledExceptionFilter UnhandledExceptionFilter 17269->17270 17271 7ff7a0c2d256 _isindst 17270->17271 17271->17096 17273 7ff7a0c2d89a 17272->17273 17274 7ff7a0c2d890 17272->17274 17273->17114 17278 7ff7a0c2dc24 17274->17278 17279 7ff7a0c2d895 17278->17279 17280 7ff7a0c2dc33 17278->17280 17282 7ff7a0c2dc90 17279->17282 17286 7ff7a0c2de60 17280->17286 17283 7ff7a0c2dcbb 17282->17283 17284 7ff7a0c2dc9e DeleteCriticalSection 17283->17284 17285 7ff7a0c2dcbf 17283->17285 17284->17283 17285->17273 17290 7ff7a0c2dcc8 17286->17290 17291 7ff7a0c2ddb2 TlsFree 17290->17291 17296 7ff7a0c2dd0c __vcrt_InitializeCriticalSectionEx 17290->17296 17292 7ff7a0c2dd3a LoadLibraryExW 17294 7ff7a0c2ddd9 17292->17294 17295 7ff7a0c2dd5b GetLastError 17292->17295 17293 7ff7a0c2ddf9 GetProcAddress 17293->17291 17294->17293 17297 7ff7a0c2ddf0 FreeLibrary 17294->17297 17295->17296 17296->17291 17296->17292 17296->17293 17298 7ff7a0c2dd7d LoadLibraryExW 17296->17298 17297->17293 17298->17294 17298->17296 17302 7ff7a0c3f480 17299->17302 17300 7ff7a0c3f4d3 17301 7ff7a0c3a814 _invalid_parameter_noinfo 37 API calls 17300->17301 17305 7ff7a0c3f4fc 17301->17305 17302->17300 17303 7ff7a0c3f526 17302->17303 17609 7ff7a0c3f358 17303->17609 17305->17123 17617 7ff7a0c2c850 17306->17617 17309 7ff7a0c236eb GetLastError 17624 7ff7a0c22c50 17309->17624 17310 7ff7a0c23710 17619 7ff7a0c29280 FindFirstFileExW 17310->17619 17314 7ff7a0c2377d 17650 7ff7a0c29440 17314->17650 17315 7ff7a0c23723 17639 7ff7a0c29300 CreateFileW 17315->17639 17317 7ff7a0c2c550 _log10_special 8 API calls 17320 7ff7a0c237b5 17317->17320 17319 7ff7a0c2378b 17322 7ff7a0c23706 17319->17322 17325 7ff7a0c22810 49 API calls 17319->17325 17320->17201 17328 7ff7a0c21950 17320->17328 17322->17317 17323 7ff7a0c2374c __vcrt_InitializeCriticalSectionEx 17323->17314 17324 7ff7a0c23734 17642 7ff7a0c22810 17324->17642 17325->17322 17329 7ff7a0c245c0 108 API calls 17328->17329 17330 7ff7a0c21985 17329->17330 17331 7ff7a0c21c43 17330->17331 17332 7ff7a0c27f90 83 API calls 17330->17332 17333 7ff7a0c2c550 _log10_special 8 API calls 17331->17333 17334 7ff7a0c219cb 17332->17334 17335 7ff7a0c21c5e 17333->17335 17377 7ff7a0c21a03 17334->17377 17995 7ff7a0c306d4 17334->17995 17335->17130 17335->17131 17337 7ff7a0c3004c 74 API calls 17337->17331 17338 7ff7a0c219e5 17339 7ff7a0c21a08 17338->17339 17340 7ff7a0c219e9 17338->17340 17999 7ff7a0c3039c 17339->17999 17341 7ff7a0c34f08 _set_fmode 11 API calls 17340->17341 17344 7ff7a0c219ee 17341->17344 18002 7ff7a0c22910 17344->18002 17345 7ff7a0c21a26 17348 7ff7a0c34f08 _set_fmode 11 API calls 17345->17348 17346 7ff7a0c21a45 17351 7ff7a0c21a5c 17346->17351 17352 7ff7a0c21a7b 17346->17352 17349 7ff7a0c21a2b 17348->17349 17350 7ff7a0c22910 54 API calls 17349->17350 17350->17377 17353 7ff7a0c34f08 _set_fmode 11 API calls 17351->17353 17354 7ff7a0c21c80 49 API calls 17352->17354 17356 7ff7a0c21a61 17353->17356 17355 7ff7a0c21a92 17354->17355 17357 7ff7a0c21c80 49 API calls 17355->17357 17358 7ff7a0c22910 54 API calls 17356->17358 17359 7ff7a0c21add 17357->17359 17358->17377 17360 7ff7a0c306d4 73 API calls 17359->17360 17361 7ff7a0c21b01 17360->17361 17362 7ff7a0c21b16 17361->17362 17363 7ff7a0c21b35 17361->17363 17364 7ff7a0c34f08 _set_fmode 11 API calls 17362->17364 17365 7ff7a0c3039c _fread_nolock 53 API calls 17363->17365 17366 7ff7a0c21b1b 17364->17366 17367 7ff7a0c21b4a 17365->17367 17368 7ff7a0c22910 54 API calls 17366->17368 17369 7ff7a0c21b50 17367->17369 17370 7ff7a0c21b6f 17367->17370 17368->17377 17371 7ff7a0c34f08 _set_fmode 11 API calls 17369->17371 18017 7ff7a0c30110 17370->18017 17373 7ff7a0c21b55 17371->17373 17375 7ff7a0c22910 54 API calls 17373->17375 17375->17377 17376 7ff7a0c22710 54 API calls 17376->17377 17377->17337 17379 7ff7a0c2883a 17378->17379 17380 7ff7a0c29390 2 API calls 17379->17380 17381 7ff7a0c28859 GetEnvironmentVariableW 17380->17381 17382 7ff7a0c288c2 17381->17382 17383 7ff7a0c28876 ExpandEnvironmentStringsW 17381->17383 17385 7ff7a0c2c550 _log10_special 8 API calls 17382->17385 17383->17382 17384 7ff7a0c28898 17383->17384 17387 7ff7a0c29440 2 API calls 17384->17387 17386 7ff7a0c288d4 17385->17386 17386->17138 17388 7ff7a0c288aa 17387->17388 17389 7ff7a0c2c550 _log10_special 8 API calls 17388->17389 17390 7ff7a0c288ba 17389->17390 17390->17138 17392 7ff7a0c29390 2 API calls 17391->17392 17393 7ff7a0c2895c 17392->17393 17394 7ff7a0c29390 2 API calls 17393->17394 17395 7ff7a0c2896c 17394->17395 18232 7ff7a0c38238 17395->18232 17397 7ff7a0c2897a __std_exception_destroy 17397->17151 17399 7ff7a0c290f5 17398->17399 18250 7ff7a0c28570 GetCurrentProcess OpenProcessToken 17399->18250 17402 7ff7a0c28570 7 API calls 17403 7ff7a0c29121 17402->17403 17404 7ff7a0c2913a 17403->17404 17405 7ff7a0c29154 17403->17405 17406 7ff7a0c226b0 48 API calls 17404->17406 17407 7ff7a0c226b0 48 API calls 17405->17407 17408 7ff7a0c29152 17406->17408 17409 7ff7a0c29167 LocalFree LocalFree 17407->17409 17408->17409 17410 7ff7a0c29183 17409->17410 17414 7ff7a0c2918f 17409->17414 18260 7ff7a0c22b50 17410->18260 17412 7ff7a0c2c550 _log10_special 8 API calls 17413 7ff7a0c23c55 17412->17413 17413->17186 17415 7ff7a0c28660 17413->17415 17414->17412 17416 7ff7a0c28678 17415->17416 17417 7ff7a0c286fa GetTempPathW GetCurrentProcessId 17416->17417 17418 7ff7a0c2869c 17416->17418 18269 7ff7a0c225c0 17417->18269 17420 7ff7a0c28830 14 API calls 17418->17420 17421 7ff7a0c286a8 17420->17421 18276 7ff7a0c281d0 17421->18276 17426 7ff7a0c286e8 __std_exception_destroy 17447 7ff7a0c287d4 __std_exception_destroy 17426->17447 17427 7ff7a0c28728 __std_exception_destroy 17433 7ff7a0c28765 __std_exception_destroy 17427->17433 18273 7ff7a0c38b68 17427->18273 17429 7ff7a0c38238 38 API calls 17431 7ff7a0c286ce __std_exception_destroy 17429->17431 17431->17417 17439 7ff7a0c29390 2 API calls 17433->17439 17433->17447 17434 7ff7a0c2c550 _log10_special 8 API calls 17437 7ff7a0c23cbb 17434->17437 17437->17186 17437->17195 17440 7ff7a0c287b1 17439->17440 17441 7ff7a0c287e9 17440->17441 17442 7ff7a0c287b6 17440->17442 17443 7ff7a0c38238 38 API calls 17441->17443 17444 7ff7a0c29390 2 API calls 17442->17444 17443->17447 17445 7ff7a0c287c6 17444->17445 17446 7ff7a0c38238 38 API calls 17445->17446 17446->17447 17447->17434 17449 7ff7a0c293b2 MultiByteToWideChar 17448->17449 17451 7ff7a0c293d6 17448->17451 17449->17451 17452 7ff7a0c293ec __std_exception_destroy 17449->17452 17450 7ff7a0c293f3 MultiByteToWideChar 17450->17452 17451->17450 17451->17452 17452->17198 17464 7ff7a0c233ce __scrt_get_show_window_mode 17453->17464 17454 7ff7a0c2c550 _log10_special 8 API calls 17456 7ff7a0c23664 17454->17456 17455 7ff7a0c235c7 17455->17454 17456->17201 17472 7ff7a0c290c0 LocalFree 17456->17472 17458 7ff7a0c21c80 49 API calls 17458->17464 17459 7ff7a0c235e2 17461 7ff7a0c22710 54 API calls 17459->17461 17461->17455 17463 7ff7a0c235c9 17467 7ff7a0c22710 54 API calls 17463->17467 17464->17455 17464->17458 17464->17459 17464->17463 17466 7ff7a0c22a50 54 API calls 17464->17466 17470 7ff7a0c235d0 17464->17470 18447 7ff7a0c24560 17464->18447 18453 7ff7a0c27e20 17464->18453 18464 7ff7a0c21600 17464->18464 18512 7ff7a0c27120 17464->18512 18516 7ff7a0c24190 17464->18516 18560 7ff7a0c24450 17464->18560 17466->17464 17467->17455 17471 7ff7a0c22710 54 API calls 17470->17471 17471->17455 17474 7ff7a0c21ca5 17473->17474 17475 7ff7a0c34984 49 API calls 17474->17475 17476 7ff7a0c21cc8 17475->17476 17476->17135 17478 7ff7a0c29390 2 API calls 17477->17478 17479 7ff7a0c289b4 17478->17479 17480 7ff7a0c38238 38 API calls 17479->17480 17481 7ff7a0c289c6 __std_exception_destroy 17480->17481 17481->17148 17483 7ff7a0c245cc 17482->17483 17484 7ff7a0c29390 2 API calls 17483->17484 17485 7ff7a0c245f4 17484->17485 17486 7ff7a0c29390 2 API calls 17485->17486 17487 7ff7a0c24607 17486->17487 18727 7ff7a0c35f94 17487->18727 17490 7ff7a0c2c550 _log10_special 8 API calls 17491 7ff7a0c2392b 17490->17491 17491->17137 17492 7ff7a0c27f90 17491->17492 17493 7ff7a0c27fb4 17492->17493 17494 7ff7a0c306d4 73 API calls 17493->17494 17499 7ff7a0c2808b __std_exception_destroy 17493->17499 17495 7ff7a0c27fd0 17494->17495 17495->17499 19118 7ff7a0c378c8 17495->19118 17497 7ff7a0c306d4 73 API calls 17500 7ff7a0c27fe5 17497->17500 17498 7ff7a0c3039c _fread_nolock 53 API calls 17498->17500 17499->17141 17500->17497 17500->17498 17500->17499 17502 7ff7a0c3007c 17501->17502 19133 7ff7a0c2fe28 17502->19133 17504 7ff7a0c30095 17504->17137 17506 7ff7a0c2c850 17505->17506 17507 7ff7a0c22734 GetCurrentProcessId 17506->17507 17508 7ff7a0c21c80 49 API calls 17507->17508 17509 7ff7a0c22787 17508->17509 17510 7ff7a0c34984 49 API calls 17509->17510 17511 7ff7a0c227cf 17510->17511 17512 7ff7a0c22620 12 API calls 17511->17512 17513 7ff7a0c227f1 17512->17513 17514 7ff7a0c2c550 _log10_special 8 API calls 17513->17514 17515 7ff7a0c22801 17514->17515 17515->17201 17517 7ff7a0c21c80 49 API calls 17516->17517 17518 7ff7a0c244fd 17517->17518 17518->17179 17520 7ff7a0c21c80 49 API calls 17519->17520 17521 7ff7a0c24660 17520->17521 17521->17195 17523 7ff7a0c26dd5 17522->17523 17524 7ff7a0c23e6c 17523->17524 17525 7ff7a0c34f08 _set_fmode 11 API calls 17523->17525 17528 7ff7a0c27340 17524->17528 17526 7ff7a0c26de2 17525->17526 17527 7ff7a0c22910 54 API calls 17526->17527 17527->17524 19144 7ff7a0c21470 17528->19144 17530 7ff7a0c27368 17531 7ff7a0c24630 49 API calls 17530->17531 17541 7ff7a0c274b9 __std_exception_destroy 17530->17541 17532 7ff7a0c2738a 17531->17532 17533 7ff7a0c2738f 17532->17533 17534 7ff7a0c24630 49 API calls 17532->17534 17541->17231 19250 7ff7a0c26360 17596->19250 17604 7ff7a0c23399 17605 7ff7a0c23670 17604->17605 17606 7ff7a0c2367e 17605->17606 17608 7ff7a0c2368f 17606->17608 19523 7ff7a0c28e60 FreeLibrary 17606->19523 17608->17223 17616 7ff7a0c3546c EnterCriticalSection 17609->17616 17618 7ff7a0c236bc GetModuleFileNameW 17617->17618 17618->17309 17618->17310 17620 7ff7a0c292d2 17619->17620 17621 7ff7a0c292bf FindClose 17619->17621 17622 7ff7a0c2c550 _log10_special 8 API calls 17620->17622 17621->17620 17623 7ff7a0c2371a 17622->17623 17623->17314 17623->17315 17625 7ff7a0c2c850 17624->17625 17626 7ff7a0c22c70 GetCurrentProcessId 17625->17626 17655 7ff7a0c226b0 17626->17655 17628 7ff7a0c22cb9 17659 7ff7a0c34bd8 17628->17659 17631 7ff7a0c226b0 48 API calls 17632 7ff7a0c22d34 FormatMessageW 17631->17632 17634 7ff7a0c22d6d 17632->17634 17635 7ff7a0c22d7f MessageBoxW 17632->17635 17636 7ff7a0c226b0 48 API calls 17634->17636 17637 7ff7a0c2c550 _log10_special 8 API calls 17635->17637 17636->17635 17638 7ff7a0c22daf 17637->17638 17638->17322 17640 7ff7a0c29340 GetFinalPathNameByHandleW CloseHandle 17639->17640 17641 7ff7a0c23730 17639->17641 17640->17641 17641->17323 17641->17324 17643 7ff7a0c22834 17642->17643 17644 7ff7a0c226b0 48 API calls 17643->17644 17645 7ff7a0c22887 17644->17645 17646 7ff7a0c34bd8 48 API calls 17645->17646 17647 7ff7a0c228d0 MessageBoxW 17646->17647 17648 7ff7a0c2c550 _log10_special 8 API calls 17647->17648 17649 7ff7a0c22900 17648->17649 17649->17322 17651 7ff7a0c2946a WideCharToMultiByte 17650->17651 17654 7ff7a0c29495 17650->17654 17653 7ff7a0c294ab __std_exception_destroy 17651->17653 17651->17654 17652 7ff7a0c294b2 WideCharToMultiByte 17652->17653 17653->17319 17654->17652 17654->17653 17656 7ff7a0c226d5 17655->17656 17657 7ff7a0c34bd8 48 API calls 17656->17657 17658 7ff7a0c226f8 17657->17658 17658->17628 17662 7ff7a0c34c32 17659->17662 17660 7ff7a0c34c57 17661 7ff7a0c3a814 _invalid_parameter_noinfo 37 API calls 17660->17661 17676 7ff7a0c34c81 17661->17676 17662->17660 17663 7ff7a0c34c93 17662->17663 17677 7ff7a0c32f90 17663->17677 17666 7ff7a0c2c550 _log10_special 8 API calls 17668 7ff7a0c22d04 17666->17668 17667 7ff7a0c3a948 __free_lconv_num 11 API calls 17667->17676 17668->17631 17669 7ff7a0c34d74 17669->17667 17670 7ff7a0c34d49 17673 7ff7a0c3a948 __free_lconv_num 11 API calls 17670->17673 17671 7ff7a0c34d9a 17671->17669 17672 7ff7a0c34da4 17671->17672 17675 7ff7a0c3a948 __free_lconv_num 11 API calls 17672->17675 17673->17676 17674 7ff7a0c34d40 17674->17669 17674->17670 17675->17676 17676->17666 17678 7ff7a0c32fce 17677->17678 17683 7ff7a0c32fbe 17677->17683 17679 7ff7a0c32fd7 17678->17679 17685 7ff7a0c33005 17678->17685 17681 7ff7a0c3a814 _invalid_parameter_noinfo 37 API calls 17679->17681 17680 7ff7a0c3a814 _invalid_parameter_noinfo 37 API calls 17682 7ff7a0c32ffd 17680->17682 17681->17682 17682->17669 17682->17670 17682->17671 17682->17674 17683->17680 17685->17682 17685->17683 17688 7ff7a0c339a4 17685->17688 17721 7ff7a0c333f0 17685->17721 17758 7ff7a0c32b80 17685->17758 17689 7ff7a0c33a57 17688->17689 17690 7ff7a0c339e6 17688->17690 17691 7ff7a0c33a5c 17689->17691 17692 7ff7a0c33ab0 17689->17692 17693 7ff7a0c339ec 17690->17693 17694 7ff7a0c33a81 17690->17694 17695 7ff7a0c33a5e 17691->17695 17696 7ff7a0c33a91 17691->17696 17700 7ff7a0c33aba 17692->17700 17701 7ff7a0c33ac7 17692->17701 17706 7ff7a0c33abf 17692->17706 17697 7ff7a0c339f1 17693->17697 17698 7ff7a0c33a20 17693->17698 17781 7ff7a0c31d54 17694->17781 17699 7ff7a0c33a00 17695->17699 17708 7ff7a0c33a6d 17695->17708 17788 7ff7a0c31944 17696->17788 17697->17701 17703 7ff7a0c339f7 17697->17703 17698->17703 17698->17706 17719 7ff7a0c33af0 17699->17719 17761 7ff7a0c34158 17699->17761 17700->17694 17700->17706 17795 7ff7a0c346ac 17701->17795 17703->17699 17709 7ff7a0c33a32 17703->17709 17717 7ff7a0c33a1b 17703->17717 17706->17719 17799 7ff7a0c32164 17706->17799 17708->17694 17711 7ff7a0c33a72 17708->17711 17709->17719 17771 7ff7a0c34494 17709->17771 17711->17719 17777 7ff7a0c34558 17711->17777 17713 7ff7a0c2c550 _log10_special 8 API calls 17715 7ff7a0c33dea 17713->17715 17715->17685 17717->17719 17720 7ff7a0c33cdc 17717->17720 17806 7ff7a0c347c0 17717->17806 17719->17713 17720->17719 17812 7ff7a0c3ea08 17720->17812 17722 7ff7a0c333fe 17721->17722 17723 7ff7a0c33414 17721->17723 17724 7ff7a0c33454 17722->17724 17725 7ff7a0c33a57 17722->17725 17726 7ff7a0c339e6 17722->17726 17723->17724 17727 7ff7a0c3a814 _invalid_parameter_noinfo 37 API calls 17723->17727 17724->17685 17728 7ff7a0c33a5c 17725->17728 17729 7ff7a0c33ab0 17725->17729 17730 7ff7a0c339ec 17726->17730 17731 7ff7a0c33a81 17726->17731 17727->17724 17732 7ff7a0c33a5e 17728->17732 17733 7ff7a0c33a91 17728->17733 17737 7ff7a0c33aba 17729->17737 17738 7ff7a0c33ac7 17729->17738 17743 7ff7a0c33abf 17729->17743 17734 7ff7a0c339f1 17730->17734 17735 7ff7a0c33a20 17730->17735 17739 7ff7a0c31d54 38 API calls 17731->17739 17736 7ff7a0c33a00 17732->17736 17747 7ff7a0c33a6d 17732->17747 17741 7ff7a0c31944 38 API calls 17733->17741 17734->17738 17740 7ff7a0c339f7 17734->17740 17735->17740 17735->17743 17742 7ff7a0c34158 47 API calls 17736->17742 17757 7ff7a0c33af0 17736->17757 17737->17731 17737->17743 17744 7ff7a0c346ac 45 API calls 17738->17744 17755 7ff7a0c33a1b 17739->17755 17740->17736 17745 7ff7a0c33a32 17740->17745 17740->17755 17741->17755 17742->17755 17746 7ff7a0c32164 38 API calls 17743->17746 17743->17757 17744->17755 17748 7ff7a0c34494 46 API calls 17745->17748 17745->17757 17746->17755 17747->17731 17749 7ff7a0c33a72 17747->17749 17748->17755 17751 7ff7a0c34558 37 API calls 17749->17751 17749->17757 17750 7ff7a0c2c550 _log10_special 8 API calls 17752 7ff7a0c33dea 17750->17752 17751->17755 17752->17685 17753 7ff7a0c347c0 45 API calls 17756 7ff7a0c33cdc 17753->17756 17754 7ff7a0c3ea08 46 API calls 17754->17756 17755->17753 17755->17756 17755->17757 17756->17754 17756->17757 17757->17750 17978 7ff7a0c30fc8 17758->17978 17762 7ff7a0c3417e 17761->17762 17824 7ff7a0c30b80 17762->17824 17767 7ff7a0c342c3 17769 7ff7a0c347c0 45 API calls 17767->17769 17770 7ff7a0c34351 17767->17770 17768 7ff7a0c347c0 45 API calls 17768->17767 17769->17770 17770->17717 17774 7ff7a0c344c9 17771->17774 17772 7ff7a0c3450e 17772->17717 17773 7ff7a0c344e7 17775 7ff7a0c3ea08 46 API calls 17773->17775 17774->17772 17774->17773 17776 7ff7a0c347c0 45 API calls 17774->17776 17775->17772 17776->17773 17780 7ff7a0c34579 17777->17780 17778 7ff7a0c3a814 _invalid_parameter_noinfo 37 API calls 17779 7ff7a0c345aa 17778->17779 17779->17717 17780->17778 17780->17779 17783 7ff7a0c31d87 17781->17783 17782 7ff7a0c31db6 17787 7ff7a0c31df3 17782->17787 17951 7ff7a0c30c28 17782->17951 17783->17782 17785 7ff7a0c31e73 17783->17785 17786 7ff7a0c3a814 _invalid_parameter_noinfo 37 API calls 17785->17786 17786->17787 17787->17717 17789 7ff7a0c31977 17788->17789 17790 7ff7a0c319a6 17789->17790 17792 7ff7a0c31a63 17789->17792 17791 7ff7a0c30c28 12 API calls 17790->17791 17794 7ff7a0c319e3 17790->17794 17791->17794 17793 7ff7a0c3a814 _invalid_parameter_noinfo 37 API calls 17792->17793 17793->17794 17794->17717 17796 7ff7a0c346ef 17795->17796 17798 7ff7a0c346f3 __crtLCMapStringW 17796->17798 17959 7ff7a0c34748 17796->17959 17798->17717 17800 7ff7a0c32197 17799->17800 17801 7ff7a0c321c6 17800->17801 17803 7ff7a0c32283 17800->17803 17802 7ff7a0c30c28 12 API calls 17801->17802 17805 7ff7a0c32203 17801->17805 17802->17805 17804 7ff7a0c3a814 _invalid_parameter_noinfo 37 API calls 17803->17804 17804->17805 17805->17717 17807 7ff7a0c347d7 17806->17807 17963 7ff7a0c3d9b8 17807->17963 17814 7ff7a0c3ea39 17812->17814 17821 7ff7a0c3ea47 17812->17821 17813 7ff7a0c3ea67 17816 7ff7a0c3ea78 17813->17816 17817 7ff7a0c3ea9f 17813->17817 17814->17813 17815 7ff7a0c347c0 45 API calls 17814->17815 17814->17821 17815->17813 17971 7ff7a0c400a0 17816->17971 17819 7ff7a0c3eb2a 17817->17819 17820 7ff7a0c3eac9 17817->17820 17817->17821 17822 7ff7a0c3f8a0 _fread_nolock MultiByteToWideChar 17819->17822 17820->17821 17823 7ff7a0c3f8a0 _fread_nolock MultiByteToWideChar 17820->17823 17821->17720 17822->17821 17823->17821 17825 7ff7a0c30bb7 17824->17825 17831 7ff7a0c30ba6 17824->17831 17826 7ff7a0c3d5fc _fread_nolock 12 API calls 17825->17826 17825->17831 17827 7ff7a0c30be4 17826->17827 17828 7ff7a0c3a948 __free_lconv_num 11 API calls 17827->17828 17830 7ff7a0c30bf8 17827->17830 17828->17830 17829 7ff7a0c3a948 __free_lconv_num 11 API calls 17829->17831 17830->17829 17832 7ff7a0c3e570 17831->17832 17833 7ff7a0c3e58d 17832->17833 17834 7ff7a0c3e5c0 17832->17834 17835 7ff7a0c3a814 _invalid_parameter_noinfo 37 API calls 17833->17835 17834->17833 17836 7ff7a0c3e5f2 17834->17836 17844 7ff7a0c342a1 17835->17844 17837 7ff7a0c3e705 17836->17837 17849 7ff7a0c3e63a 17836->17849 17838 7ff7a0c3e7f7 17837->17838 17840 7ff7a0c3e7bd 17837->17840 17842 7ff7a0c3e78c 17837->17842 17843 7ff7a0c3e74f 17837->17843 17846 7ff7a0c3e745 17837->17846 17878 7ff7a0c3da5c 17838->17878 17871 7ff7a0c3ddf4 17840->17871 17864 7ff7a0c3e0d4 17842->17864 17854 7ff7a0c3e304 17843->17854 17844->17767 17844->17768 17846->17840 17848 7ff7a0c3e74a 17846->17848 17848->17842 17848->17843 17849->17844 17850 7ff7a0c3a4a4 __std_exception_copy 37 API calls 17849->17850 17851 7ff7a0c3e6f2 17850->17851 17851->17844 17852 7ff7a0c3a900 _isindst 17 API calls 17851->17852 17853 7ff7a0c3e854 17852->17853 17887 7ff7a0c440ac 17854->17887 17858 7ff7a0c3e3b0 17858->17844 17859 7ff7a0c3e401 17940 7ff7a0c3def0 17859->17940 17860 7ff7a0c3e3ac 17860->17858 17860->17859 17861 7ff7a0c3e3cc 17860->17861 17936 7ff7a0c3e1ac 17861->17936 17865 7ff7a0c440ac 38 API calls 17864->17865 17866 7ff7a0c3e11e 17865->17866 17867 7ff7a0c43af4 37 API calls 17866->17867 17868 7ff7a0c3e16e 17867->17868 17869 7ff7a0c3e172 17868->17869 17870 7ff7a0c3e1ac 45 API calls 17868->17870 17869->17844 17870->17869 17872 7ff7a0c440ac 38 API calls 17871->17872 17873 7ff7a0c3de3f 17872->17873 17874 7ff7a0c43af4 37 API calls 17873->17874 17875 7ff7a0c3de97 17874->17875 17876 7ff7a0c3de9b 17875->17876 17877 7ff7a0c3def0 45 API calls 17875->17877 17876->17844 17877->17876 17879 7ff7a0c3daa1 17878->17879 17880 7ff7a0c3dad4 17878->17880 17881 7ff7a0c3a814 _invalid_parameter_noinfo 37 API calls 17879->17881 17882 7ff7a0c3daec 17880->17882 17885 7ff7a0c3db6d 17880->17885 17884 7ff7a0c3dacd __scrt_get_show_window_mode 17881->17884 17883 7ff7a0c3ddf4 46 API calls 17882->17883 17883->17884 17884->17844 17885->17884 17886 7ff7a0c347c0 45 API calls 17885->17886 17886->17884 17888 7ff7a0c440ff fegetenv 17887->17888 17889 7ff7a0c47e2c 37 API calls 17888->17889 17895 7ff7a0c44152 17889->17895 17890 7ff7a0c4417f 17894 7ff7a0c3a4a4 __std_exception_copy 37 API calls 17890->17894 17891 7ff7a0c44242 17892 7ff7a0c47e2c 37 API calls 17891->17892 17893 7ff7a0c4426c 17892->17893 17898 7ff7a0c47e2c 37 API calls 17893->17898 17899 7ff7a0c441fd 17894->17899 17895->17891 17896 7ff7a0c4416d 17895->17896 17897 7ff7a0c4421c 17895->17897 17896->17890 17896->17891 17902 7ff7a0c3a4a4 __std_exception_copy 37 API calls 17897->17902 17900 7ff7a0c4427d 17898->17900 17901 7ff7a0c45324 17899->17901 17906 7ff7a0c44205 17899->17906 17903 7ff7a0c48020 20 API calls 17900->17903 17904 7ff7a0c3a900 _isindst 17 API calls 17901->17904 17902->17899 17914 7ff7a0c442e6 __scrt_get_show_window_mode 17903->17914 17905 7ff7a0c45339 17904->17905 17907 7ff7a0c2c550 _log10_special 8 API calls 17906->17907 17908 7ff7a0c3e351 17907->17908 17932 7ff7a0c43af4 17908->17932 17909 7ff7a0c4468f __scrt_get_show_window_mode 17910 7ff7a0c449cf 17911 7ff7a0c43c10 37 API calls 17910->17911 17918 7ff7a0c450e7 17911->17918 17912 7ff7a0c4497b 17912->17910 17915 7ff7a0c4533c memcpy_s 37 API calls 17912->17915 17913 7ff7a0c44327 memcpy_s 17926 7ff7a0c44783 memcpy_s __scrt_get_show_window_mode 17913->17926 17927 7ff7a0c44c6b memcpy_s __scrt_get_show_window_mode 17913->17927 17914->17909 17914->17913 17916 7ff7a0c34f08 _set_fmode 11 API calls 17914->17916 17915->17910 17917 7ff7a0c44760 17916->17917 17919 7ff7a0c3a8e0 _invalid_parameter_noinfo 37 API calls 17917->17919 17921 7ff7a0c4533c memcpy_s 37 API calls 17918->17921 17930 7ff7a0c45142 17918->17930 17919->17913 17920 7ff7a0c452c8 17924 7ff7a0c47e2c 37 API calls 17920->17924 17921->17930 17922 7ff7a0c34f08 11 API calls _set_fmode 17922->17927 17923 7ff7a0c34f08 11 API calls _set_fmode 17923->17926 17924->17906 17925 7ff7a0c43c10 37 API calls 17925->17930 17926->17912 17926->17923 17928 7ff7a0c3a8e0 37 API calls _invalid_parameter_noinfo 17926->17928 17927->17910 17927->17912 17927->17922 17931 7ff7a0c3a8e0 37 API calls _invalid_parameter_noinfo 17927->17931 17928->17926 17929 7ff7a0c4533c memcpy_s 37 API calls 17929->17930 17930->17920 17930->17925 17930->17929 17931->17927 17933 7ff7a0c43b13 17932->17933 17934 7ff7a0c3a814 _invalid_parameter_noinfo 37 API calls 17933->17934 17935 7ff7a0c43b3e memcpy_s 17933->17935 17934->17935 17935->17860 17937 7ff7a0c3e1d8 memcpy_s 17936->17937 17938 7ff7a0c347c0 45 API calls 17937->17938 17939 7ff7a0c3e292 memcpy_s __scrt_get_show_window_mode 17937->17939 17938->17939 17939->17858 17941 7ff7a0c3df2b 17940->17941 17945 7ff7a0c3df78 memcpy_s 17940->17945 17942 7ff7a0c3a814 _invalid_parameter_noinfo 37 API calls 17941->17942 17943 7ff7a0c3df57 17942->17943 17943->17858 17944 7ff7a0c3dfe3 17946 7ff7a0c3a4a4 __std_exception_copy 37 API calls 17944->17946 17945->17944 17947 7ff7a0c347c0 45 API calls 17945->17947 17950 7ff7a0c3e025 memcpy_s 17946->17950 17947->17944 17948 7ff7a0c3a900 _isindst 17 API calls 17949 7ff7a0c3e0d0 17948->17949 17950->17948 17952 7ff7a0c30c5f 17951->17952 17953 7ff7a0c30c4e 17951->17953 17952->17953 17954 7ff7a0c3d5fc _fread_nolock 12 API calls 17952->17954 17953->17787 17955 7ff7a0c30c90 17954->17955 17956 7ff7a0c30ca4 17955->17956 17957 7ff7a0c3a948 __free_lconv_num 11 API calls 17955->17957 17958 7ff7a0c3a948 __free_lconv_num 11 API calls 17956->17958 17957->17956 17958->17953 17960 7ff7a0c3476e 17959->17960 17961 7ff7a0c34766 17959->17961 17960->17798 17962 7ff7a0c347c0 45 API calls 17961->17962 17962->17960 17964 7ff7a0c347ff 17963->17964 17965 7ff7a0c3d9d1 17963->17965 17967 7ff7a0c3da24 17964->17967 17965->17964 17966 7ff7a0c43304 45 API calls 17965->17966 17966->17964 17968 7ff7a0c3da3d 17967->17968 17969 7ff7a0c3480f 17967->17969 17968->17969 17970 7ff7a0c42650 45 API calls 17968->17970 17969->17720 17970->17969 17974 7ff7a0c46d88 17971->17974 17977 7ff7a0c46dec 17974->17977 17975 7ff7a0c2c550 _log10_special 8 API calls 17976 7ff7a0c400bd 17975->17976 17976->17821 17977->17975 17979 7ff7a0c30ffd 17978->17979 17980 7ff7a0c3100f 17978->17980 17981 7ff7a0c34f08 _set_fmode 11 API calls 17979->17981 17983 7ff7a0c3101d 17980->17983 17987 7ff7a0c31059 17980->17987 17982 7ff7a0c31002 17981->17982 17984 7ff7a0c3a8e0 _invalid_parameter_noinfo 37 API calls 17982->17984 17985 7ff7a0c3a814 _invalid_parameter_noinfo 37 API calls 17983->17985 17994 7ff7a0c3100d 17984->17994 17985->17994 17986 7ff7a0c313d5 17988 7ff7a0c34f08 _set_fmode 11 API calls 17986->17988 17986->17994 17987->17986 17989 7ff7a0c34f08 _set_fmode 11 API calls 17987->17989 17990 7ff7a0c31669 17988->17990 17991 7ff7a0c313ca 17989->17991 17992 7ff7a0c3a8e0 _invalid_parameter_noinfo 37 API calls 17990->17992 17993 7ff7a0c3a8e0 _invalid_parameter_noinfo 37 API calls 17991->17993 17992->17994 17993->17986 17994->17685 17996 7ff7a0c30704 17995->17996 18023 7ff7a0c30464 17996->18023 17998 7ff7a0c3071d 17998->17338 18035 7ff7a0c303bc 17999->18035 18003 7ff7a0c2c850 18002->18003 18004 7ff7a0c22930 GetCurrentProcessId 18003->18004 18005 7ff7a0c21c80 49 API calls 18004->18005 18006 7ff7a0c22979 18005->18006 18049 7ff7a0c34984 18006->18049 18011 7ff7a0c21c80 49 API calls 18012 7ff7a0c229ff 18011->18012 18079 7ff7a0c22620 18012->18079 18015 7ff7a0c2c550 _log10_special 8 API calls 18016 7ff7a0c22a31 18015->18016 18016->17377 18018 7ff7a0c30119 18017->18018 18019 7ff7a0c21b89 18017->18019 18020 7ff7a0c34f08 _set_fmode 11 API calls 18018->18020 18019->17376 18019->17377 18021 7ff7a0c3011e 18020->18021 18022 7ff7a0c3a8e0 _invalid_parameter_noinfo 37 API calls 18021->18022 18022->18019 18024 7ff7a0c304ce 18023->18024 18025 7ff7a0c3048e 18023->18025 18024->18025 18026 7ff7a0c304da 18024->18026 18027 7ff7a0c3a814 _invalid_parameter_noinfo 37 API calls 18025->18027 18034 7ff7a0c3546c EnterCriticalSection 18026->18034 18033 7ff7a0c304b5 18027->18033 18033->17998 18036 7ff7a0c21a20 18035->18036 18037 7ff7a0c303e6 18035->18037 18036->17345 18036->17346 18037->18036 18038 7ff7a0c30432 18037->18038 18039 7ff7a0c303f5 __scrt_get_show_window_mode 18037->18039 18048 7ff7a0c3546c EnterCriticalSection 18038->18048 18042 7ff7a0c34f08 _set_fmode 11 API calls 18039->18042 18044 7ff7a0c3040a 18042->18044 18046 7ff7a0c3a8e0 _invalid_parameter_noinfo 37 API calls 18044->18046 18046->18036 18050 7ff7a0c349de 18049->18050 18051 7ff7a0c34a03 18050->18051 18053 7ff7a0c34a3f 18050->18053 18052 7ff7a0c3a814 _invalid_parameter_noinfo 37 API calls 18051->18052 18055 7ff7a0c34a2d 18052->18055 18088 7ff7a0c32c10 18053->18088 18057 7ff7a0c2c550 _log10_special 8 API calls 18055->18057 18056 7ff7a0c34ae8 18064 7ff7a0c34b1c 18056->18064 18066 7ff7a0c34af1 18056->18066 18060 7ff7a0c229c3 18057->18060 18058 7ff7a0c3a948 __free_lconv_num 11 API calls 18058->18055 18067 7ff7a0c35160 18060->18067 18061 7ff7a0c34b40 18062 7ff7a0c34b4a 18061->18062 18061->18064 18065 7ff7a0c3a948 __free_lconv_num 11 API calls 18062->18065 18063 7ff7a0c3a948 __free_lconv_num 11 API calls 18063->18055 18064->18058 18065->18055 18066->18063 18068 7ff7a0c3b2c8 _set_fmode 11 API calls 18067->18068 18069 7ff7a0c35177 18068->18069 18070 7ff7a0c229e5 18069->18070 18071 7ff7a0c3eb98 _set_fmode 11 API calls 18069->18071 18074 7ff7a0c351b7 18069->18074 18070->18011 18072 7ff7a0c351ac 18071->18072 18073 7ff7a0c3a948 __free_lconv_num 11 API calls 18072->18073 18073->18074 18074->18070 18223 7ff7a0c3ec20 18074->18223 18077 7ff7a0c3a900 _isindst 17 API calls 18078 7ff7a0c351fc 18077->18078 18080 7ff7a0c2262f 18079->18080 18081 7ff7a0c29390 2 API calls 18080->18081 18082 7ff7a0c22660 18081->18082 18083 7ff7a0c2266f MessageBoxW 18082->18083 18084 7ff7a0c22683 MessageBoxA 18082->18084 18085 7ff7a0c22690 18083->18085 18084->18085 18086 7ff7a0c2c550 _log10_special 8 API calls 18085->18086 18087 7ff7a0c226a0 18086->18087 18087->18015 18089 7ff7a0c32c4e 18088->18089 18090 7ff7a0c32c3e 18088->18090 18091 7ff7a0c32c57 18089->18091 18098 7ff7a0c32c85 18089->18098 18094 7ff7a0c3a814 _invalid_parameter_noinfo 37 API calls 18090->18094 18092 7ff7a0c3a814 _invalid_parameter_noinfo 37 API calls 18091->18092 18093 7ff7a0c32c7d 18092->18093 18093->18056 18093->18061 18093->18064 18093->18066 18094->18093 18095 7ff7a0c347c0 45 API calls 18095->18098 18097 7ff7a0c32f34 18100 7ff7a0c3a814 _invalid_parameter_noinfo 37 API calls 18097->18100 18098->18090 18098->18093 18098->18095 18098->18097 18102 7ff7a0c335a0 18098->18102 18128 7ff7a0c33268 18098->18128 18158 7ff7a0c32af0 18098->18158 18100->18090 18103 7ff7a0c335e2 18102->18103 18104 7ff7a0c33655 18102->18104 18105 7ff7a0c335e8 18103->18105 18106 7ff7a0c3367f 18103->18106 18107 7ff7a0c3365a 18104->18107 18108 7ff7a0c336af 18104->18108 18113 7ff7a0c335ed 18105->18113 18116 7ff7a0c336be 18105->18116 18175 7ff7a0c31b50 18106->18175 18109 7ff7a0c3365c 18107->18109 18110 7ff7a0c3368f 18107->18110 18108->18106 18108->18116 18126 7ff7a0c33618 18108->18126 18112 7ff7a0c335fd 18109->18112 18119 7ff7a0c3366b 18109->18119 18182 7ff7a0c31740 18110->18182 18127 7ff7a0c336ed 18112->18127 18161 7ff7a0c33f04 18112->18161 18113->18112 18117 7ff7a0c33630 18113->18117 18113->18126 18116->18127 18189 7ff7a0c31f60 18116->18189 18117->18127 18171 7ff7a0c343c0 18117->18171 18119->18106 18121 7ff7a0c33670 18119->18121 18123 7ff7a0c34558 37 API calls 18121->18123 18121->18127 18122 7ff7a0c2c550 _log10_special 8 API calls 18124 7ff7a0c33983 18122->18124 18123->18126 18124->18098 18126->18127 18196 7ff7a0c3e858 18126->18196 18127->18122 18129 7ff7a0c33289 18128->18129 18130 7ff7a0c33273 18128->18130 18133 7ff7a0c3a814 _invalid_parameter_noinfo 37 API calls 18129->18133 18140 7ff7a0c332c7 18129->18140 18131 7ff7a0c335e2 18130->18131 18132 7ff7a0c33655 18130->18132 18130->18140 18134 7ff7a0c335e8 18131->18134 18135 7ff7a0c3367f 18131->18135 18136 7ff7a0c3365a 18132->18136 18137 7ff7a0c336af 18132->18137 18133->18140 18145 7ff7a0c335ed 18134->18145 18147 7ff7a0c336be 18134->18147 18141 7ff7a0c31b50 38 API calls 18135->18141 18138 7ff7a0c3365c 18136->18138 18139 7ff7a0c3368f 18136->18139 18137->18135 18137->18147 18157 7ff7a0c33618 18137->18157 18142 7ff7a0c335fd 18138->18142 18149 7ff7a0c3366b 18138->18149 18143 7ff7a0c31740 38 API calls 18139->18143 18140->18098 18141->18157 18144 7ff7a0c33f04 47 API calls 18142->18144 18155 7ff7a0c336ed 18142->18155 18143->18157 18144->18157 18145->18142 18146 7ff7a0c33630 18145->18146 18145->18157 18150 7ff7a0c343c0 47 API calls 18146->18150 18146->18155 18148 7ff7a0c31f60 38 API calls 18147->18148 18147->18155 18148->18157 18149->18135 18151 7ff7a0c33670 18149->18151 18150->18157 18153 7ff7a0c34558 37 API calls 18151->18153 18151->18155 18152 7ff7a0c2c550 _log10_special 8 API calls 18154 7ff7a0c33983 18152->18154 18153->18157 18154->18098 18155->18152 18156 7ff7a0c3e858 47 API calls 18156->18157 18157->18155 18157->18156 18206 7ff7a0c30d14 18158->18206 18162 7ff7a0c33f26 18161->18162 18163 7ff7a0c30b80 12 API calls 18162->18163 18164 7ff7a0c33f6e 18163->18164 18165 7ff7a0c3e570 46 API calls 18164->18165 18166 7ff7a0c34041 18165->18166 18167 7ff7a0c347c0 45 API calls 18166->18167 18168 7ff7a0c34063 18166->18168 18167->18168 18169 7ff7a0c347c0 45 API calls 18168->18169 18170 7ff7a0c340ec 18168->18170 18169->18170 18170->18126 18172 7ff7a0c343d8 18171->18172 18174 7ff7a0c34440 18171->18174 18173 7ff7a0c3e858 47 API calls 18172->18173 18172->18174 18173->18174 18174->18126 18176 7ff7a0c31b83 18175->18176 18177 7ff7a0c31bb2 18176->18177 18179 7ff7a0c31c6f 18176->18179 18178 7ff7a0c30b80 12 API calls 18177->18178 18181 7ff7a0c31bef 18177->18181 18178->18181 18180 7ff7a0c3a814 _invalid_parameter_noinfo 37 API calls 18179->18180 18180->18181 18181->18126 18183 7ff7a0c31773 18182->18183 18184 7ff7a0c317a2 18183->18184 18186 7ff7a0c3185f 18183->18186 18185 7ff7a0c30b80 12 API calls 18184->18185 18188 7ff7a0c317df 18184->18188 18185->18188 18187 7ff7a0c3a814 _invalid_parameter_noinfo 37 API calls 18186->18187 18187->18188 18188->18126 18190 7ff7a0c31f93 18189->18190 18191 7ff7a0c31fc2 18190->18191 18193 7ff7a0c3207f 18190->18193 18192 7ff7a0c30b80 12 API calls 18191->18192 18194 7ff7a0c31fff 18191->18194 18192->18194 18195 7ff7a0c3a814 _invalid_parameter_noinfo 37 API calls 18193->18195 18194->18126 18195->18194 18197 7ff7a0c3e880 18196->18197 18198 7ff7a0c3e8ae __scrt_get_show_window_mode 18197->18198 18199 7ff7a0c347c0 45 API calls 18197->18199 18201 7ff7a0c3e8c5 18197->18201 18204 7ff7a0c3e885 __scrt_get_show_window_mode 18197->18204 18200 7ff7a0c3a814 _invalid_parameter_noinfo 37 API calls 18198->18200 18198->18204 18199->18201 18200->18204 18201->18198 18202 7ff7a0c407e8 WideCharToMultiByte 18201->18202 18201->18204 18203 7ff7a0c3e9a1 18202->18203 18203->18204 18205 7ff7a0c3e9b6 GetLastError 18203->18205 18204->18126 18205->18198 18205->18204 18207 7ff7a0c30d41 18206->18207 18208 7ff7a0c30d53 18206->18208 18209 7ff7a0c34f08 _set_fmode 11 API calls 18207->18209 18210 7ff7a0c30d60 18208->18210 18214 7ff7a0c30d9d 18208->18214 18211 7ff7a0c30d46 18209->18211 18213 7ff7a0c3a814 _invalid_parameter_noinfo 37 API calls 18210->18213 18212 7ff7a0c3a8e0 _invalid_parameter_noinfo 37 API calls 18211->18212 18218 7ff7a0c30d51 18212->18218 18213->18218 18215 7ff7a0c30e46 18214->18215 18216 7ff7a0c34f08 _set_fmode 11 API calls 18214->18216 18217 7ff7a0c34f08 _set_fmode 11 API calls 18215->18217 18215->18218 18219 7ff7a0c30e3b 18216->18219 18220 7ff7a0c30ef0 18217->18220 18218->18098 18221 7ff7a0c3a8e0 _invalid_parameter_noinfo 37 API calls 18219->18221 18222 7ff7a0c3a8e0 _invalid_parameter_noinfo 37 API calls 18220->18222 18221->18215 18222->18218 18226 7ff7a0c3ec3d 18223->18226 18224 7ff7a0c3ec42 18225 7ff7a0c34f08 _set_fmode 11 API calls 18224->18225 18229 7ff7a0c351dd 18224->18229 18231 7ff7a0c3ec4c 18225->18231 18226->18224 18228 7ff7a0c3ec8c 18226->18228 18226->18229 18227 7ff7a0c3a8e0 _invalid_parameter_noinfo 37 API calls 18227->18229 18228->18229 18230 7ff7a0c34f08 _set_fmode 11 API calls 18228->18230 18229->18070 18229->18077 18230->18231 18231->18227 18233 7ff7a0c38258 18232->18233 18234 7ff7a0c38245 18232->18234 18242 7ff7a0c37ebc 18233->18242 18235 7ff7a0c34f08 _set_fmode 11 API calls 18234->18235 18237 7ff7a0c3824a 18235->18237 18238 7ff7a0c3a8e0 _invalid_parameter_noinfo 37 API calls 18237->18238 18240 7ff7a0c38256 18238->18240 18240->17397 18249 7ff7a0c402d8 EnterCriticalSection 18242->18249 18251 7ff7a0c285b1 GetTokenInformation 18250->18251 18252 7ff7a0c28633 __std_exception_destroy 18250->18252 18253 7ff7a0c285d2 GetLastError 18251->18253 18254 7ff7a0c285dd 18251->18254 18255 7ff7a0c2864c 18252->18255 18256 7ff7a0c28646 CloseHandle 18252->18256 18253->18252 18253->18254 18254->18252 18257 7ff7a0c285f9 GetTokenInformation 18254->18257 18255->17402 18256->18255 18257->18252 18258 7ff7a0c2861c 18257->18258 18258->18252 18259 7ff7a0c28626 ConvertSidToStringSidW 18258->18259 18259->18252 18261 7ff7a0c2c850 18260->18261 18262 7ff7a0c22b74 GetCurrentProcessId 18261->18262 18263 7ff7a0c226b0 48 API calls 18262->18263 18264 7ff7a0c22bc7 18263->18264 18265 7ff7a0c34bd8 48 API calls 18264->18265 18266 7ff7a0c22c10 MessageBoxW 18265->18266 18267 7ff7a0c2c550 _log10_special 8 API calls 18266->18267 18268 7ff7a0c22c40 18267->18268 18268->17414 18270 7ff7a0c225e5 18269->18270 18271 7ff7a0c34bd8 48 API calls 18270->18271 18272 7ff7a0c22604 18271->18272 18272->17427 18308 7ff7a0c38794 18273->18308 18277 7ff7a0c281dc 18276->18277 18278 7ff7a0c29390 2 API calls 18277->18278 18279 7ff7a0c281fb 18278->18279 18280 7ff7a0c28216 ExpandEnvironmentStringsW 18279->18280 18281 7ff7a0c28203 18279->18281 18283 7ff7a0c2823c __std_exception_destroy 18280->18283 18282 7ff7a0c22810 49 API calls 18281->18282 18289 7ff7a0c2820f __std_exception_destroy 18282->18289 18284 7ff7a0c28240 18283->18284 18285 7ff7a0c28253 18283->18285 18286 7ff7a0c22810 49 API calls 18284->18286 18290 7ff7a0c28261 GetDriveTypeW 18285->18290 18291 7ff7a0c282bf 18285->18291 18286->18289 18287 7ff7a0c2c550 _log10_special 8 API calls 18288 7ff7a0c283af 18287->18288 18288->17426 18288->17429 18289->18287 18294 7ff7a0c282b0 18290->18294 18295 7ff7a0c28295 18290->18295 18292 7ff7a0c37e08 45 API calls 18291->18292 18296 7ff7a0c282d1 18292->18296 18431 7ff7a0c3796c 18294->18431 18297 7ff7a0c22810 49 API calls 18295->18297 18299 7ff7a0c282d9 18296->18299 18300 7ff7a0c282ec 18296->18300 18297->18289 18349 7ff7a0c41558 18308->18349 18408 7ff7a0c412d0 18349->18408 18429 7ff7a0c402d8 EnterCriticalSection 18408->18429 18432 7ff7a0c379bd 18431->18432 18433 7ff7a0c3798a 18431->18433 18432->18289 18433->18432 18438 7ff7a0c40474 18433->18438 18448 7ff7a0c2456a 18447->18448 18449 7ff7a0c29390 2 API calls 18448->18449 18450 7ff7a0c2458f 18449->18450 18451 7ff7a0c2c550 _log10_special 8 API calls 18450->18451 18452 7ff7a0c245b7 18451->18452 18452->17464 18454 7ff7a0c27e2e 18453->18454 18455 7ff7a0c21c80 49 API calls 18454->18455 18458 7ff7a0c27f52 18454->18458 18461 7ff7a0c27eb5 18455->18461 18456 7ff7a0c2c550 _log10_special 8 API calls 18457 7ff7a0c27f83 18456->18457 18457->17464 18458->18456 18459 7ff7a0c21c80 49 API calls 18459->18461 18460 7ff7a0c24560 10 API calls 18460->18461 18461->18458 18461->18459 18461->18460 18462 7ff7a0c29390 2 API calls 18461->18462 18463 7ff7a0c27f23 CreateDirectoryW 18462->18463 18463->18458 18463->18461 18465 7ff7a0c21637 18464->18465 18466 7ff7a0c21613 18464->18466 18468 7ff7a0c245c0 108 API calls 18465->18468 18585 7ff7a0c21050 18466->18585 18469 7ff7a0c2164b 18468->18469 18471 7ff7a0c21682 18469->18471 18472 7ff7a0c21653 18469->18472 18470 7ff7a0c21618 18473 7ff7a0c2162e 18470->18473 18476 7ff7a0c22710 54 API calls 18470->18476 18475 7ff7a0c245c0 108 API calls 18471->18475 18474 7ff7a0c34f08 _set_fmode 11 API calls 18472->18474 18473->17464 18477 7ff7a0c21658 18474->18477 18478 7ff7a0c21696 18475->18478 18476->18473 18479 7ff7a0c22910 54 API calls 18477->18479 18480 7ff7a0c216b8 18478->18480 18481 7ff7a0c2169e 18478->18481 18482 7ff7a0c21671 18479->18482 18484 7ff7a0c306d4 73 API calls 18480->18484 18483 7ff7a0c22710 54 API calls 18481->18483 18482->17464 18485 7ff7a0c216ae 18483->18485 18486 7ff7a0c216cd 18484->18486 18492 7ff7a0c3004c 74 API calls 18485->18492 18487 7ff7a0c216f9 18486->18487 18488 7ff7a0c216d1 18486->18488 18490 7ff7a0c21717 18487->18490 18491 7ff7a0c216ff 18487->18491 18489 7ff7a0c34f08 _set_fmode 11 API calls 18488->18489 18493 7ff7a0c216d6 18489->18493 18497 7ff7a0c21739 18490->18497 18507 7ff7a0c21761 18490->18507 18563 7ff7a0c21210 18491->18563 18495 7ff7a0c21829 18492->18495 18496 7ff7a0c22910 54 API calls 18493->18496 18495->17464 18503 7ff7a0c216ef __std_exception_destroy 18496->18503 18499 7ff7a0c34f08 _set_fmode 11 API calls 18497->18499 18500 7ff7a0c2173e 18499->18500 18501 7ff7a0c3039c _fread_nolock 53 API calls 18501->18507 18504 7ff7a0c217da 18507->18501 18507->18503 18507->18504 18509 7ff7a0c217c5 18507->18509 18616 7ff7a0c30adc 18507->18616 18513 7ff7a0c2718b 18512->18513 18515 7ff7a0c27144 18512->18515 18513->17464 18515->18513 18649 7ff7a0c35024 18515->18649 18517 7ff7a0c241a1 18516->18517 18518 7ff7a0c244e0 49 API calls 18517->18518 18519 7ff7a0c241db 18518->18519 18520 7ff7a0c244e0 49 API calls 18519->18520 18521 7ff7a0c241eb 18520->18521 18522 7ff7a0c2423c 18521->18522 18523 7ff7a0c2420d 18521->18523 18525 7ff7a0c24110 51 API calls 18522->18525 18664 7ff7a0c24110 18523->18664 18526 7ff7a0c2423a 18525->18526 18527 7ff7a0c24267 18526->18527 18528 7ff7a0c2429c 18526->18528 18671 7ff7a0c27cf0 18527->18671 18530 7ff7a0c24110 51 API calls 18528->18530 18531 7ff7a0c242c0 18530->18531 18533 7ff7a0c24110 51 API calls 18531->18533 18541 7ff7a0c24312 18531->18541 18536 7ff7a0c242e9 18533->18536 18534 7ff7a0c24393 18536->18541 18541->18534 18547 7ff7a0c2438c 18541->18547 18548 7ff7a0c24317 18541->18548 18550 7ff7a0c2437b 18541->18550 18547->18548 18561 7ff7a0c21c80 49 API calls 18560->18561 18562 7ff7a0c24474 18561->18562 18562->17464 18564 7ff7a0c21268 18563->18564 18565 7ff7a0c21297 18564->18565 18566 7ff7a0c2126f 18564->18566 18586 7ff7a0c245c0 108 API calls 18585->18586 18587 7ff7a0c2108c 18586->18587 18588 7ff7a0c210a9 18587->18588 18589 7ff7a0c21094 18587->18589 18591 7ff7a0c306d4 73 API calls 18588->18591 18590 7ff7a0c22710 54 API calls 18589->18590 18596 7ff7a0c210a4 __std_exception_destroy 18590->18596 18592 7ff7a0c210bf 18591->18592 18593 7ff7a0c210c3 18592->18593 18594 7ff7a0c210e6 18592->18594 18595 7ff7a0c34f08 _set_fmode 11 API calls 18593->18595 18598 7ff7a0c210f7 18594->18598 18599 7ff7a0c21122 18594->18599 18597 7ff7a0c210c8 18595->18597 18596->18470 18600 7ff7a0c22910 54 API calls 18597->18600 18601 7ff7a0c34f08 _set_fmode 11 API calls 18598->18601 18602 7ff7a0c21129 18599->18602 18610 7ff7a0c2113c 18599->18610 18607 7ff7a0c210e1 __std_exception_destroy 18600->18607 18603 7ff7a0c21100 18601->18603 18604 7ff7a0c21210 92 API calls 18602->18604 18605 7ff7a0c22910 54 API calls 18603->18605 18604->18607 18605->18607 18606 7ff7a0c3004c 74 API calls 18609 7ff7a0c211b4 18606->18609 18607->18606 18608 7ff7a0c3039c _fread_nolock 53 API calls 18608->18610 18609->18596 18610->18607 18610->18608 18611 7ff7a0c211ed 18610->18611 18613 7ff7a0c34f08 _set_fmode 11 API calls 18611->18613 18614 7ff7a0c211f2 18613->18614 18650 7ff7a0c35031 18649->18650 18652 7ff7a0c3505e 18649->18652 18651 7ff7a0c34f08 _set_fmode 11 API calls 18650->18651 18661 7ff7a0c34fe8 18650->18661 18655 7ff7a0c3503b 18651->18655 18653 7ff7a0c35081 18652->18653 18654 7ff7a0c3509d 18652->18654 18656 7ff7a0c34f08 _set_fmode 11 API calls 18653->18656 18657 7ff7a0c34f4c 45 API calls 18654->18657 18658 7ff7a0c3a8e0 _invalid_parameter_noinfo 37 API calls 18655->18658 18659 7ff7a0c35086 18656->18659 18663 7ff7a0c35091 18657->18663 18660 7ff7a0c35046 18658->18660 18662 7ff7a0c3a8e0 _invalid_parameter_noinfo 37 API calls 18659->18662 18660->18515 18661->18515 18662->18663 18663->18515 18665 7ff7a0c24136 18664->18665 18666 7ff7a0c34984 49 API calls 18665->18666 18667 7ff7a0c2415c 18666->18667 18668 7ff7a0c2416d 18667->18668 18669 7ff7a0c24560 10 API calls 18667->18669 18668->18526 18670 7ff7a0c2417f 18669->18670 18670->18526 18672 7ff7a0c27d05 18671->18672 18673 7ff7a0c245c0 108 API calls 18672->18673 18674 7ff7a0c27d2b 18673->18674 18728 7ff7a0c35ec8 18727->18728 18729 7ff7a0c35eee 18728->18729 18732 7ff7a0c35f21 18728->18732 18730 7ff7a0c34f08 _set_fmode 11 API calls 18729->18730 18731 7ff7a0c35ef3 18730->18731 18735 7ff7a0c3a8e0 _invalid_parameter_noinfo 37 API calls 18731->18735 18733 7ff7a0c35f27 18732->18733 18734 7ff7a0c35f34 18732->18734 18736 7ff7a0c34f08 _set_fmode 11 API calls 18733->18736 18746 7ff7a0c3ac28 18734->18746 18738 7ff7a0c24616 18735->18738 18736->18738 18738->17490 18759 7ff7a0c402d8 EnterCriticalSection 18746->18759 19119 7ff7a0c378f8 19118->19119 19122 7ff7a0c373d4 19119->19122 19121 7ff7a0c37911 19121->17500 19123 7ff7a0c3741e 19122->19123 19124 7ff7a0c373ef 19122->19124 19132 7ff7a0c3546c EnterCriticalSection 19123->19132 19125 7ff7a0c3a814 _invalid_parameter_noinfo 37 API calls 19124->19125 19128 7ff7a0c3740f 19125->19128 19128->19121 19134 7ff7a0c2fe71 19133->19134 19135 7ff7a0c2fe43 19133->19135 19142 7ff7a0c2fe63 19134->19142 19143 7ff7a0c3546c EnterCriticalSection 19134->19143 19136 7ff7a0c3a814 _invalid_parameter_noinfo 37 API calls 19135->19136 19136->19142 19142->17504 19145 7ff7a0c245c0 108 API calls 19144->19145 19146 7ff7a0c21493 19145->19146 19147 7ff7a0c214bc 19146->19147 19148 7ff7a0c2149b 19146->19148 19150 7ff7a0c306d4 73 API calls 19147->19150 19149 7ff7a0c22710 54 API calls 19148->19149 19151 7ff7a0c214ab 19149->19151 19152 7ff7a0c214d1 19150->19152 19151->17530 19153 7ff7a0c214f8 19152->19153 19154 7ff7a0c214d5 19152->19154 19157 7ff7a0c21508 19153->19157 19158 7ff7a0c21532 19153->19158 19155 7ff7a0c34f08 _set_fmode 11 API calls 19154->19155 19156 7ff7a0c214da 19155->19156 19159 7ff7a0c22910 54 API calls 19156->19159 19160 7ff7a0c34f08 _set_fmode 11 API calls 19157->19160 19161 7ff7a0c21538 19158->19161 19169 7ff7a0c2154b 19158->19169 19166 7ff7a0c214f3 __std_exception_destroy 19159->19166 19162 7ff7a0c21510 19160->19162 19163 7ff7a0c21210 92 API calls 19161->19163 19163->19166 19168 7ff7a0c3039c _fread_nolock 53 API calls 19168->19169 19169->19166 19169->19168 19170 7ff7a0c215d6 19169->19170 19251 7ff7a0c26375 19250->19251 19252 7ff7a0c21c80 49 API calls 19251->19252 19253 7ff7a0c263b1 19252->19253 19254 7ff7a0c263ba 19253->19254 19255 7ff7a0c263dd 19253->19255 19256 7ff7a0c22710 54 API calls 19254->19256 19257 7ff7a0c24630 49 API calls 19255->19257 19273 7ff7a0c263d3 19256->19273 19258 7ff7a0c263f5 19257->19258 19259 7ff7a0c26413 19258->19259 19261 7ff7a0c22710 54 API calls 19258->19261 19262 7ff7a0c24560 10 API calls 19259->19262 19260 7ff7a0c2c550 _log10_special 8 API calls 19264 7ff7a0c2336e 19260->19264 19261->19259 19263 7ff7a0c2641d 19262->19263 19265 7ff7a0c2642b 19263->19265 19266 7ff7a0c28e80 3 API calls 19263->19266 19264->17604 19281 7ff7a0c26500 19264->19281 19267 7ff7a0c24630 49 API calls 19265->19267 19266->19265 19268 7ff7a0c26444 19267->19268 19269 7ff7a0c26469 19268->19269 19270 7ff7a0c26449 19268->19270 19272 7ff7a0c28e80 3 API calls 19269->19272 19271 7ff7a0c22710 54 API calls 19270->19271 19271->19273 19273->19260 19430 7ff7a0c25400 19281->19430 19283 7ff7a0c26526 19432 7ff7a0c2542c 19430->19432 19431 7ff7a0c25434 19431->19283 19432->19431 19435 7ff7a0c255d4 19432->19435 19461 7ff7a0c36aa4 19432->19461 19433 7ff7a0c25797 __std_exception_destroy 19433->19283 19434 7ff7a0c247d0 47 API calls 19434->19435 19435->19433 19435->19434 19462 7ff7a0c36ad4 19461->19462 19465 7ff7a0c35fa0 19462->19465 19523->17608 19525 7ff7a0c3b150 __CxxCallCatchBlock 45 API calls 19524->19525 19526 7ff7a0c3a3e1 19525->19526 19527 7ff7a0c3a504 __CxxCallCatchBlock 45 API calls 19526->19527 19528 7ff7a0c3a401 19527->19528

                                                                                                                                                                                                                                                                                                            Executed Functions

                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C289E0 Relevance: 70.3, APIs: 36, Strings: 4, Instructions: 257synchronizationwindowregistryCOMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                                                            control_flow_graph 0 7ff7a0c289e0-7ff7a0c28b26 call 7ff7a0c2c850 call 7ff7a0c29390 SetConsoleCtrlHandler GetStartupInfoW call 7ff7a0c353f0 call 7ff7a0c3a47c call 7ff7a0c3871c call 7ff7a0c353f0 call 7ff7a0c3a47c call 7ff7a0c3871c call 7ff7a0c353f0 call 7ff7a0c3a47c call 7ff7a0c3871c GetCommandLineW CreateProcessW 23 7ff7a0c28b28-7ff7a0c28b48 GetLastError call 7ff7a0c22c50 0->23 24 7ff7a0c28b4d-7ff7a0c28b89 RegisterClassW 0->24 32 7ff7a0c28e39-7ff7a0c28e5f call 7ff7a0c2c550 23->32 26 7ff7a0c28b8b GetLastError 24->26 27 7ff7a0c28b91-7ff7a0c28be5 CreateWindowExW 24->27 26->27 29 7ff7a0c28be7-7ff7a0c28bed GetLastError 27->29 30 7ff7a0c28bef-7ff7a0c28bf4 ShowWindow 27->30 31 7ff7a0c28bfa-7ff7a0c28c0a WaitForSingleObject 29->31 30->31 33 7ff7a0c28c88-7ff7a0c28c8f 31->33 34 7ff7a0c28c0c 31->34 37 7ff7a0c28c91-7ff7a0c28ca1 WaitForSingleObject 33->37 38 7ff7a0c28cd2-7ff7a0c28cd9 33->38 36 7ff7a0c28c10-7ff7a0c28c13 34->36 40 7ff7a0c28c1b-7ff7a0c28c22 36->40 41 7ff7a0c28c15 GetLastError 36->41 42 7ff7a0c28ca7-7ff7a0c28cb7 TerminateProcess 37->42 43 7ff7a0c28df8-7ff7a0c28e02 37->43 44 7ff7a0c28cdf-7ff7a0c28cf5 QueryPerformanceFrequency QueryPerformanceCounter 38->44 45 7ff7a0c28dc0-7ff7a0c28dd9 GetMessageW 38->45 40->37 47 7ff7a0c28c24-7ff7a0c28c41 PeekMessageW 40->47 41->40 52 7ff7a0c28cb9 GetLastError 42->52 53 7ff7a0c28cbf-7ff7a0c28ccd WaitForSingleObject 42->53 50 7ff7a0c28e11-7ff7a0c28e35 GetExitCodeProcess CloseHandle * 2 43->50 51 7ff7a0c28e04-7ff7a0c28e0a DestroyWindow 43->51 46 7ff7a0c28d00-7ff7a0c28d38 MsgWaitForMultipleObjects PeekMessageW 44->46 48 7ff7a0c28ddb-7ff7a0c28de9 TranslateMessage DispatchMessageW 45->48 49 7ff7a0c28def-7ff7a0c28df6 45->49 54 7ff7a0c28d3a 46->54 55 7ff7a0c28d73-7ff7a0c28d7a 46->55 56 7ff7a0c28c76-7ff7a0c28c86 WaitForSingleObject 47->56 57 7ff7a0c28c43-7ff7a0c28c74 TranslateMessage DispatchMessageW PeekMessageW 47->57 48->49 49->43 49->45 50->32 51->50 52->53 53->43 58 7ff7a0c28d40-7ff7a0c28d71 TranslateMessage DispatchMessageW PeekMessageW 54->58 55->45 59 7ff7a0c28d7c-7ff7a0c28da5 QueryPerformanceCounter 55->59 56->33 56->36 57->56 57->57 58->55 58->58 59->46 60 7ff7a0c28dab-7ff7a0c28db2 59->60 60->43 61 7ff7a0c28db4-7ff7a0c28db8 60->61 61->45
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: Message$ErrorLast$ObjectProcessSingleWait$CloseCreateHandlePeekWindow_invalid_parameter_noinfo$ByteCharClassCodeCommandConsoleCtrlCurrentDestroyDispatchExitFormatHandlerInfoLineMultiRegisterStartupTerminateTranslateWide
                                                                                                                                                                                                                                                                                                            • String ID: CreateProcessW$Failed to create child process!$PyInstaller Onefile Hidden Window$PyInstallerOnefileHiddenWindow
                                                                                                                                                                                                                                                                                                            • API String ID: 3832162212-3165540532
                                                                                                                                                                                                                                                                                                            • Opcode ID: 99838be411f58a84d89697932930ae4644c798f1dd42cd928399edbb9bf0e48e
                                                                                                                                                                                                                                                                                                            • Instruction ID: 324539aa36e1e3a7faa4901d4355a7077700b0ba9f679304f74ae0a77b443419
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 99838be411f58a84d89697932930ae4644c798f1dd42cd928399edbb9bf0e48e
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F2D17231A0AA8386E710AF74E8582EDB765FF88758F810635DA5D42BB5DF3CE148C720
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C21000 Relevance: 61.8, APIs: 7, Strings: 28, Instructions: 511COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                                                            control_flow_graph 62 7ff7a0c21000-7ff7a0c23806 call 7ff7a0c2fe18 call 7ff7a0c2fe20 call 7ff7a0c2c850 call 7ff7a0c353f0 call 7ff7a0c35484 call 7ff7a0c236b0 76 7ff7a0c23808-7ff7a0c2380f 62->76 77 7ff7a0c23814-7ff7a0c23836 call 7ff7a0c21950 62->77 78 7ff7a0c23c97-7ff7a0c23cb2 call 7ff7a0c2c550 76->78 83 7ff7a0c2383c-7ff7a0c23856 call 7ff7a0c21c80 77->83 84 7ff7a0c2391b-7ff7a0c23931 call 7ff7a0c245c0 77->84 88 7ff7a0c2385b-7ff7a0c2389b call 7ff7a0c28830 83->88 90 7ff7a0c2396a-7ff7a0c2397f call 7ff7a0c22710 84->90 91 7ff7a0c23933-7ff7a0c23960 call 7ff7a0c27f90 84->91 95 7ff7a0c2389d-7ff7a0c238a3 88->95 96 7ff7a0c238c1-7ff7a0c238cc call 7ff7a0c34f30 88->96 104 7ff7a0c23c8f 90->104 102 7ff7a0c23962-7ff7a0c23965 call 7ff7a0c3004c 91->102 103 7ff7a0c23984-7ff7a0c239a6 call 7ff7a0c21c80 91->103 99 7ff7a0c238af-7ff7a0c238bd call 7ff7a0c289a0 95->99 100 7ff7a0c238a5-7ff7a0c238ad 95->100 111 7ff7a0c239fc-7ff7a0c23a06 call 7ff7a0c28940 96->111 112 7ff7a0c238d2-7ff7a0c238e1 call 7ff7a0c28830 96->112 99->96 100->99 102->90 113 7ff7a0c239b0-7ff7a0c239b9 103->113 104->78 118 7ff7a0c23a0b-7ff7a0c23a2a call 7ff7a0c289a0 * 3 111->118 120 7ff7a0c238e7-7ff7a0c238ed 112->120 121 7ff7a0c239f4-7ff7a0c239f7 call 7ff7a0c34f30 112->121 113->113 116 7ff7a0c239bb-7ff7a0c239d8 call 7ff7a0c21950 113->116 116->88 128 7ff7a0c239de-7ff7a0c239ef call 7ff7a0c22710 116->128 137 7ff7a0c23a2f-7ff7a0c23a3e call 7ff7a0c28830 118->137 125 7ff7a0c238f0-7ff7a0c238fc 120->125 121->111 129 7ff7a0c238fe-7ff7a0c23903 125->129 130 7ff7a0c23905-7ff7a0c23908 125->130 128->104 129->125 129->130 130->121 132 7ff7a0c2390e-7ff7a0c23916 call 7ff7a0c34f30 130->132 132->137 141 7ff7a0c23a44-7ff7a0c23a47 137->141 142 7ff7a0c23b45-7ff7a0c23b53 137->142 141->142 145 7ff7a0c23a4d-7ff7a0c23a50 141->145 143 7ff7a0c23a67 142->143 144 7ff7a0c23b59-7ff7a0c23b5d 142->144 146 7ff7a0c23a6b-7ff7a0c23a90 call 7ff7a0c34f30 143->146 144->146 147 7ff7a0c23b14-7ff7a0c23b17 145->147 148 7ff7a0c23a56-7ff7a0c23a5a 145->148 157 7ff7a0c23aab-7ff7a0c23ac0 146->157 158 7ff7a0c23a92-7ff7a0c23aa6 call 7ff7a0c28940 146->158 150 7ff7a0c23b19-7ff7a0c23b1d 147->150 151 7ff7a0c23b2f-7ff7a0c23b40 call 7ff7a0c22710 147->151 148->147 149 7ff7a0c23a60 148->149 149->143 150->151 153 7ff7a0c23b1f-7ff7a0c23b2a 150->153 161 7ff7a0c23c7f-7ff7a0c23c87 151->161 153->146 159 7ff7a0c23be8-7ff7a0c23bfa call 7ff7a0c28830 157->159 160 7ff7a0c23ac6-7ff7a0c23aca 157->160 158->157 169 7ff7a0c23bfc-7ff7a0c23c02 159->169 170 7ff7a0c23c2e 159->170 164 7ff7a0c23bcd-7ff7a0c23be2 call 7ff7a0c21940 160->164 165 7ff7a0c23ad0-7ff7a0c23ae8 call 7ff7a0c35250 160->165 161->104 164->159 164->160 175 7ff7a0c23aea-7ff7a0c23b02 call 7ff7a0c35250 165->175 176 7ff7a0c23b62-7ff7a0c23b7a call 7ff7a0c35250 165->176 173 7ff7a0c23c1e-7ff7a0c23c2c 169->173 174 7ff7a0c23c04-7ff7a0c23c1c 169->174 177 7ff7a0c23c31-7ff7a0c23c40 call 7ff7a0c34f30 170->177 173->177 174->177 175->164 186 7ff7a0c23b08-7ff7a0c23b0f 175->186 184 7ff7a0c23b87-7ff7a0c23b9f call 7ff7a0c35250 176->184 185 7ff7a0c23b7c-7ff7a0c23b80 176->185 187 7ff7a0c23d41-7ff7a0c23d63 call 7ff7a0c244e0 177->187 188 7ff7a0c23c46-7ff7a0c23c4a 177->188 197 7ff7a0c23bac-7ff7a0c23bc4 call 7ff7a0c35250 184->197 198 7ff7a0c23ba1-7ff7a0c23ba5 184->198 185->184 186->164 201 7ff7a0c23d71-7ff7a0c23d82 call 7ff7a0c21c80 187->201 202 7ff7a0c23d65-7ff7a0c23d6f call 7ff7a0c24630 187->202 190 7ff7a0c23c50-7ff7a0c23c5f call 7ff7a0c290e0 188->190 191 7ff7a0c23cd4-7ff7a0c23ce6 call 7ff7a0c28830 188->191 206 7ff7a0c23c61 190->206 207 7ff7a0c23cb3-7ff7a0c23cb6 call 7ff7a0c28660 190->207 208 7ff7a0c23ce8-7ff7a0c23ceb 191->208 209 7ff7a0c23d35-7ff7a0c23d3c 191->209 197->164 221 7ff7a0c23bc6 197->221 198->197 212 7ff7a0c23d87-7ff7a0c23d96 201->212 202->212 215 7ff7a0c23c68 call 7ff7a0c22710 206->215 220 7ff7a0c23cbb-7ff7a0c23cbd 207->220 208->209 210 7ff7a0c23ced-7ff7a0c23d10 call 7ff7a0c21c80 208->210 209->215 228 7ff7a0c23d2b-7ff7a0c23d33 call 7ff7a0c34f30 210->228 229 7ff7a0c23d12-7ff7a0c23d26 call 7ff7a0c22710 call 7ff7a0c34f30 210->229 218 7ff7a0c23d98-7ff7a0c23d9f 212->218 219 7ff7a0c23dc4-7ff7a0c23dda call 7ff7a0c29390 212->219 222 7ff7a0c23c6d-7ff7a0c23c77 215->222 218->219 224 7ff7a0c23da1-7ff7a0c23da5 218->224 234 7ff7a0c23de8-7ff7a0c23e04 SetDllDirectoryW 219->234 235 7ff7a0c23ddc 219->235 226 7ff7a0c23cc8-7ff7a0c23ccf 220->226 227 7ff7a0c23cbf-7ff7a0c23cc6 220->227 221->164 222->161 224->219 230 7ff7a0c23da7-7ff7a0c23dbe SetDllDirectoryW LoadLibraryExW 224->230 226->212 227->215 228->212 229->222 230->219 238 7ff7a0c23e0a-7ff7a0c23e19 call 7ff7a0c28830 234->238 239 7ff7a0c23f01-7ff7a0c23f08 234->239 235->234 249 7ff7a0c23e1b-7ff7a0c23e21 238->249 250 7ff7a0c23e32-7ff7a0c23e3c call 7ff7a0c34f30 238->250 241 7ff7a0c24008-7ff7a0c24010 239->241 242 7ff7a0c23f0e-7ff7a0c23f15 239->242 247 7ff7a0c24012-7ff7a0c2402f PostMessageW GetMessageW 241->247 248 7ff7a0c24035-7ff7a0c24067 call 7ff7a0c236a0 call 7ff7a0c23360 call 7ff7a0c23670 call 7ff7a0c26fc0 call 7ff7a0c26d70 241->248 242->241 246 7ff7a0c23f1b-7ff7a0c23f25 call 7ff7a0c233c0 242->246 246->222 260 7ff7a0c23f2b-7ff7a0c23f3f call 7ff7a0c290c0 246->260 247->248 254 7ff7a0c23e2d-7ff7a0c23e2f 249->254 255 7ff7a0c23e23-7ff7a0c23e2b 249->255 262 7ff7a0c23ef2-7ff7a0c23efc call 7ff7a0c28940 250->262 263 7ff7a0c23e42-7ff7a0c23e48 250->263 254->250 255->254 269 7ff7a0c23f41-7ff7a0c23f5e PostMessageW GetMessageW 260->269 270 7ff7a0c23f64-7ff7a0c23fa0 call 7ff7a0c28940 call 7ff7a0c289e0 call 7ff7a0c26fc0 call 7ff7a0c26d70 call 7ff7a0c288e0 260->270 262->239 263->262 267 7ff7a0c23e4e-7ff7a0c23e54 263->267 272 7ff7a0c23e5f-7ff7a0c23e61 267->272 273 7ff7a0c23e56-7ff7a0c23e58 267->273 269->270 308 7ff7a0c23fa5-7ff7a0c23fa7 270->308 272->239 276 7ff7a0c23e67-7ff7a0c23e83 call 7ff7a0c26dc0 call 7ff7a0c27340 272->276 273->276 277 7ff7a0c23e5a 273->277 289 7ff7a0c23e8e-7ff7a0c23e95 276->289 290 7ff7a0c23e85-7ff7a0c23e8c 276->290 277->239 293 7ff7a0c23e97-7ff7a0c23ea4 call 7ff7a0c26e00 289->293 294 7ff7a0c23eaf-7ff7a0c23eb9 call 7ff7a0c271b0 289->294 292 7ff7a0c23edb-7ff7a0c23ef0 call 7ff7a0c22a50 call 7ff7a0c26fc0 call 7ff7a0c26d70 290->292 292->239 293->294 305 7ff7a0c23ea6-7ff7a0c23ead 293->305 306 7ff7a0c23ebb-7ff7a0c23ec2 294->306 307 7ff7a0c23ec4-7ff7a0c23ed2 call 7ff7a0c274f0 294->307 305->292 306->292 307->239 319 7ff7a0c23ed4 307->319 311 7ff7a0c23fa9-7ff7a0c23fbf call 7ff7a0c28ed0 call 7ff7a0c288e0 308->311 312 7ff7a0c23ff5-7ff7a0c24003 call 7ff7a0c21900 308->312 311->312 323 7ff7a0c23fc1-7ff7a0c23fd6 311->323 312->222 319->292 324 7ff7a0c23fd8-7ff7a0c23feb call 7ff7a0c22710 call 7ff7a0c21900 323->324 325 7ff7a0c23ff0 call 7ff7a0c22a50 323->325 324->222 325->312
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: ErrorFileLastModuleName
                                                                                                                                                                                                                                                                                                            • String ID: Could not create temporary directory!$Could not load PyInstaller's embedded PKG archive from the executable (%s)$Could not side-load PyInstaller's PKG archive from external file (%s)$Failed to convert DLL search path!$Failed to initialize security descriptor for temporary directory!$Failed to load Tcl/Tk shared libraries for splash screen!$Failed to load splash screen resources!$Failed to remove temporary directory: %s$Failed to start splash screen!$Failed to unpack splash screen dependencies from PKG archive!$Invalid value in _PYI_PARENT_PROCESS_LEVEL: %s$MEI$PYINSTALLER_RESET_ENVIRONMENT$PYINSTALLER_STRICT_UNPACK_MODE$PYINSTALLER_SUPPRESS_SPLASH_SCREEN$Path exceeds PYI_PATH_MAX limit.$Py_GIL_DISABLED$VCRUNTIME140.dll$_PYI_APPLICATION_HOME_DIR$_PYI_APPLICATION_HOME_DIR not set for onefile child process!$_PYI_ARCHIVE_FILE$_PYI_PARENT_PROCESS_LEVEL$_PYI_SPLASH_IPC$pkg$pyi-contents-directory$pyi-disable-windowed-traceback$pyi-python-flag$pyi-runtime-tmpdir
                                                                                                                                                                                                                                                                                                            • API String ID: 2776309574-4232158417
                                                                                                                                                                                                                                                                                                            • Opcode ID: 9de477ae995940a39e23314e20718922418974b9c8241bfba060ee61ec72f349
                                                                                                                                                                                                                                                                                                            • Instruction ID: ce62b71419867ac1e93813f7d4488f789b4c68764a94113aeaf48454821278f3
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 9de477ae995940a39e23314e20718922418974b9c8241bfba060ee61ec72f349
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 89326D21E0A68391FA19BB3594583F9E651AF58780FC64832DA5D42BF6EF3CF558C320
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C45C00 Relevance: 14.3, APIs: 6, Strings: 2, Instructions: 334timeCOMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                                                            control_flow_graph 479 7ff7a0c45c00-7ff7a0c45c3b call 7ff7a0c45588 call 7ff7a0c45590 call 7ff7a0c455f8 486 7ff7a0c45c41-7ff7a0c45c4c call 7ff7a0c45598 479->486 487 7ff7a0c45e65-7ff7a0c45eb1 call 7ff7a0c3a900 call 7ff7a0c45588 call 7ff7a0c45590 call 7ff7a0c455f8 479->487 486->487 492 7ff7a0c45c52-7ff7a0c45c5c 486->492 514 7ff7a0c45eb7-7ff7a0c45ec2 call 7ff7a0c45598 487->514 515 7ff7a0c45fef-7ff7a0c4605d call 7ff7a0c3a900 call 7ff7a0c41578 487->515 494 7ff7a0c45c7e-7ff7a0c45c82 492->494 495 7ff7a0c45c5e-7ff7a0c45c61 492->495 498 7ff7a0c45c85-7ff7a0c45c8d 494->498 497 7ff7a0c45c64-7ff7a0c45c6f 495->497 500 7ff7a0c45c7a-7ff7a0c45c7c 497->500 501 7ff7a0c45c71-7ff7a0c45c78 497->501 498->498 502 7ff7a0c45c8f-7ff7a0c45ca2 call 7ff7a0c3d5fc 498->502 500->494 504 7ff7a0c45cab-7ff7a0c45cb9 500->504 501->497 501->500 509 7ff7a0c45cba-7ff7a0c45cc6 call 7ff7a0c3a948 502->509 510 7ff7a0c45ca4-7ff7a0c45ca6 call 7ff7a0c3a948 502->510 520 7ff7a0c45ccd-7ff7a0c45cd5 509->520 510->504 514->515 522 7ff7a0c45ec8-7ff7a0c45ed3 call 7ff7a0c455c8 514->522 533 7ff7a0c4606b-7ff7a0c4606e 515->533 534 7ff7a0c4605f-7ff7a0c46066 515->534 520->520 523 7ff7a0c45cd7-7ff7a0c45ce8 call 7ff7a0c40474 520->523 522->515 531 7ff7a0c45ed9-7ff7a0c45efc call 7ff7a0c3a948 GetTimeZoneInformation 522->531 523->487 532 7ff7a0c45cee-7ff7a0c45d44 call 7ff7a0c4a4d0 * 4 call 7ff7a0c45b1c 523->532 549 7ff7a0c45f02-7ff7a0c45f23 531->549 550 7ff7a0c45fc4-7ff7a0c45fee call 7ff7a0c45580 call 7ff7a0c45570 call 7ff7a0c45578 531->550 591 7ff7a0c45d46-7ff7a0c45d4a 532->591 535 7ff7a0c46070 533->535 536 7ff7a0c460a5-7ff7a0c460b8 call 7ff7a0c3d5fc 533->536 539 7ff7a0c460fb-7ff7a0c460fe 534->539 540 7ff7a0c46073 535->540 553 7ff7a0c460ba 536->553 554 7ff7a0c460c3-7ff7a0c460de call 7ff7a0c41578 536->554 539->540 544 7ff7a0c46104-7ff7a0c4610c call 7ff7a0c45c00 539->544 546 7ff7a0c46078-7ff7a0c460a4 call 7ff7a0c3a948 call 7ff7a0c2c550 540->546 547 7ff7a0c46073 call 7ff7a0c45e7c 540->547 544->546 547->546 555 7ff7a0c45f2e-7ff7a0c45f35 549->555 556 7ff7a0c45f25-7ff7a0c45f2b 549->556 560 7ff7a0c460bc-7ff7a0c460c1 call 7ff7a0c3a948 553->560 578 7ff7a0c460e0-7ff7a0c460e3 554->578 579 7ff7a0c460e5-7ff7a0c460f7 call 7ff7a0c3a948 554->579 561 7ff7a0c45f49 555->561 562 7ff7a0c45f37-7ff7a0c45f3f 555->562 556->555 560->535 571 7ff7a0c45f4b-7ff7a0c45fbf call 7ff7a0c4a4d0 * 4 call 7ff7a0c42b5c call 7ff7a0c46114 * 2 561->571 562->561 568 7ff7a0c45f41-7ff7a0c45f47 562->568 568->571 571->550 578->560 579->539 593 7ff7a0c45d4c 591->593 594 7ff7a0c45d50-7ff7a0c45d54 591->594 593->594 594->591 596 7ff7a0c45d56-7ff7a0c45d7b call 7ff7a0c36b58 594->596 602 7ff7a0c45d7e-7ff7a0c45d82 596->602 604 7ff7a0c45d91-7ff7a0c45d95 602->604 605 7ff7a0c45d84-7ff7a0c45d8f 602->605 604->602 605->604 607 7ff7a0c45d97-7ff7a0c45d9b 605->607 610 7ff7a0c45d9d-7ff7a0c45dc5 call 7ff7a0c36b58 607->610 611 7ff7a0c45e1c-7ff7a0c45e20 607->611 619 7ff7a0c45dc7 610->619 620 7ff7a0c45de3-7ff7a0c45de7 610->620 612 7ff7a0c45e27-7ff7a0c45e34 611->612 613 7ff7a0c45e22-7ff7a0c45e24 611->613 615 7ff7a0c45e4f-7ff7a0c45e5e call 7ff7a0c45580 call 7ff7a0c45570 612->615 616 7ff7a0c45e36-7ff7a0c45e4c call 7ff7a0c45b1c 612->616 613->612 615->487 616->615 625 7ff7a0c45dca-7ff7a0c45dd1 619->625 620->611 623 7ff7a0c45de9-7ff7a0c45e07 call 7ff7a0c36b58 620->623 631 7ff7a0c45e13-7ff7a0c45e1a 623->631 625->620 626 7ff7a0c45dd3-7ff7a0c45de1 625->626 626->620 626->625 631->611 632 7ff7a0c45e09-7ff7a0c45e0d 631->632 632->611 633 7ff7a0c45e0f 632->633 633->631
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            • _get_daylight.LIBCMT ref: 00007FF7A0C45C45
                                                                                                                                                                                                                                                                                                              • Part of subcall function 00007FF7A0C45598: _invalid_parameter_noinfo.LIBCMT ref: 00007FF7A0C455AC
                                                                                                                                                                                                                                                                                                              • Part of subcall function 00007FF7A0C3A948: RtlFreeHeap.NTDLL(?,?,?,00007FF7A0C42D22,?,?,?,00007FF7A0C42D5F,?,?,00000000,00007FF7A0C43225,?,?,?,00007FF7A0C43157), ref: 00007FF7A0C3A95E
                                                                                                                                                                                                                                                                                                              • Part of subcall function 00007FF7A0C3A948: GetLastError.KERNEL32(?,?,?,00007FF7A0C42D22,?,?,?,00007FF7A0C42D5F,?,?,00000000,00007FF7A0C43225,?,?,?,00007FF7A0C43157), ref: 00007FF7A0C3A968
                                                                                                                                                                                                                                                                                                              • Part of subcall function 00007FF7A0C3A900: IsProcessorFeaturePresent.KERNEL32(?,?,?,?,00007FF7A0C3A8DF,?,?,?,?,?,00007FF7A0C3A7CA), ref: 00007FF7A0C3A909
                                                                                                                                                                                                                                                                                                              • Part of subcall function 00007FF7A0C3A900: GetCurrentProcess.KERNEL32(?,?,?,?,00007FF7A0C3A8DF,?,?,?,?,?,00007FF7A0C3A7CA), ref: 00007FF7A0C3A92E
                                                                                                                                                                                                                                                                                                            • _get_daylight.LIBCMT ref: 00007FF7A0C45C34
                                                                                                                                                                                                                                                                                                              • Part of subcall function 00007FF7A0C455F8: _invalid_parameter_noinfo.LIBCMT ref: 00007FF7A0C4560C
                                                                                                                                                                                                                                                                                                            • _get_daylight.LIBCMT ref: 00007FF7A0C45EAA
                                                                                                                                                                                                                                                                                                            • _get_daylight.LIBCMT ref: 00007FF7A0C45EBB
                                                                                                                                                                                                                                                                                                            • _get_daylight.LIBCMT ref: 00007FF7A0C45ECC
                                                                                                                                                                                                                                                                                                            • GetTimeZoneInformation.KERNELBASE(?,?,?,?,?,?,?,?,?,00000000,?,00007FF7A0C4610C), ref: 00007FF7A0C45EF3
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: _get_daylight$_invalid_parameter_noinfo$CurrentErrorFeatureFreeHeapInformationLastPresentProcessProcessorTimeZone
                                                                                                                                                                                                                                                                                                            • String ID: Eastern Standard Time$Eastern Summer Time
                                                                                                                                                                                                                                                                                                            • API String ID: 4070488512-239921721
                                                                                                                                                                                                                                                                                                            • Opcode ID: c8e181fbda5929fcc8f6a75e148055e791a7ddaa32984997676ab034941af52a
                                                                                                                                                                                                                                                                                                            • Instruction ID: c827a8b704efc6133748e72e1c55aa9692c1883c1f362e0ed5c52e182f8ecf8e
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: c8e181fbda5929fcc8f6a75e148055e791a7ddaa32984997676ab034941af52a
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: C4D1BE26E0A24346E724BF21D4581F9B762FF84B84FC69835EA0D477A6DE3EF4418760
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C46964 Relevance: 13.8, APIs: 9, Instructions: 276fileCOMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                                                            control_flow_graph 693 7ff7a0c46964-7ff7a0c469d7 call 7ff7a0c46698 696 7ff7a0c469d9-7ff7a0c469e2 call 7ff7a0c34ee8 693->696 697 7ff7a0c469f1-7ff7a0c469fb call 7ff7a0c38520 693->697 702 7ff7a0c469e5-7ff7a0c469ec call 7ff7a0c34f08 696->702 703 7ff7a0c469fd-7ff7a0c46a14 call 7ff7a0c34ee8 call 7ff7a0c34f08 697->703 704 7ff7a0c46a16-7ff7a0c46a7f CreateFileW 697->704 717 7ff7a0c46d32-7ff7a0c46d52 702->717 703->702 705 7ff7a0c46afc-7ff7a0c46b07 GetFileType 704->705 706 7ff7a0c46a81-7ff7a0c46a87 704->706 712 7ff7a0c46b5a-7ff7a0c46b61 705->712 713 7ff7a0c46b09-7ff7a0c46b44 GetLastError call 7ff7a0c34e7c CloseHandle 705->713 709 7ff7a0c46ac9-7ff7a0c46af7 GetLastError call 7ff7a0c34e7c 706->709 710 7ff7a0c46a89-7ff7a0c46a8d 706->710 709->702 710->709 715 7ff7a0c46a8f-7ff7a0c46ac7 CreateFileW 710->715 720 7ff7a0c46b69-7ff7a0c46b6c 712->720 721 7ff7a0c46b63-7ff7a0c46b67 712->721 713->702 728 7ff7a0c46b4a-7ff7a0c46b55 call 7ff7a0c34f08 713->728 715->705 715->709 722 7ff7a0c46b72-7ff7a0c46bc7 call 7ff7a0c38438 720->722 723 7ff7a0c46b6e 720->723 721->722 731 7ff7a0c46bc9-7ff7a0c46bd5 call 7ff7a0c468a0 722->731 732 7ff7a0c46be6-7ff7a0c46c17 call 7ff7a0c46418 722->732 723->722 728->702 731->732 738 7ff7a0c46bd7 731->738 739 7ff7a0c46c19-7ff7a0c46c1b 732->739 740 7ff7a0c46c1d-7ff7a0c46c5f 732->740 741 7ff7a0c46bd9-7ff7a0c46be1 call 7ff7a0c3aac0 738->741 739->741 742 7ff7a0c46c81-7ff7a0c46c8c 740->742 743 7ff7a0c46c61-7ff7a0c46c65 740->743 741->717 745 7ff7a0c46c92-7ff7a0c46c96 742->745 746 7ff7a0c46d30 742->746 743->742 744 7ff7a0c46c67-7ff7a0c46c7c 743->744 744->742 745->746 748 7ff7a0c46c9c-7ff7a0c46ce1 CloseHandle CreateFileW 745->748 746->717 750 7ff7a0c46d16-7ff7a0c46d2b 748->750 751 7ff7a0c46ce3-7ff7a0c46d11 GetLastError call 7ff7a0c34e7c call 7ff7a0c38660 748->751 750->746 751->750
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: File$CreateErrorLast_invalid_parameter_noinfo$CloseHandle$Type
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 1617910340-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: baaa1bd2bfcf3e8d87424e6061cd652f961a4b3dae6ad7eaae94581ee29caa63
                                                                                                                                                                                                                                                                                                            • Instruction ID: 399c1fbaf016836a1ef11d5de561122320bddbc6b3029ca631a8a37340816d76
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: baaa1bd2bfcf3e8d87424e6061cd652f961a4b3dae6ad7eaae94581ee29caa63
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: ABC1F536B25A4285EB10EF64C4942ECB762FB49B98F421635DE1E973E9CF39E451C310
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C283C0 Relevance: 12.3, APIs: 6, Strings: 1, Instructions: 89fileCOMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            • FindFirstFileW.KERNELBASE(?,00007FF7A0C28919,00007FF7A0C23FA5), ref: 00007FF7A0C2842B
                                                                                                                                                                                                                                                                                                            • RemoveDirectoryW.KERNEL32(?,00007FF7A0C28919,00007FF7A0C23FA5), ref: 00007FF7A0C284AE
                                                                                                                                                                                                                                                                                                            • DeleteFileW.KERNELBASE(?,00007FF7A0C28919,00007FF7A0C23FA5), ref: 00007FF7A0C284CD
                                                                                                                                                                                                                                                                                                            • FindNextFileW.KERNELBASE(?,00007FF7A0C28919,00007FF7A0C23FA5), ref: 00007FF7A0C284DB
                                                                                                                                                                                                                                                                                                            • FindClose.KERNEL32(?,00007FF7A0C28919,00007FF7A0C23FA5), ref: 00007FF7A0C284EC
                                                                                                                                                                                                                                                                                                            • RemoveDirectoryW.KERNELBASE(?,00007FF7A0C28919,00007FF7A0C23FA5), ref: 00007FF7A0C284F5
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: FileFind$DirectoryRemove$CloseDeleteFirstNext
                                                                                                                                                                                                                                                                                                            • String ID: %s\*
                                                                                                                                                                                                                                                                                                            • API String ID: 1057558799-766152087
                                                                                                                                                                                                                                                                                                            • Opcode ID: 9215641a051a597ab69d89bbe09b444c24fb25eba6eed844fe9e008ab190e420
                                                                                                                                                                                                                                                                                                            • Instruction ID: 33cc71f86f9548fc4d57eb5c3aaba5799c5d0bf2e36ed91d10fe7c64f97fb7cf
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 9215641a051a597ab69d89bbe09b444c24fb25eba6eed844fe9e008ab190e420
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: A4416321A0F54385EA20BB34E4581FAA361FF98754FC60A31E55D42BE5EF3CF6498750
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C45E7C Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 143timeCOMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                                                            control_flow_graph 1014 7ff7a0c45e7c-7ff7a0c45eb1 call 7ff7a0c45588 call 7ff7a0c45590 call 7ff7a0c455f8 1021 7ff7a0c45eb7-7ff7a0c45ec2 call 7ff7a0c45598 1014->1021 1022 7ff7a0c45fef-7ff7a0c4605d call 7ff7a0c3a900 call 7ff7a0c41578 1014->1022 1021->1022 1027 7ff7a0c45ec8-7ff7a0c45ed3 call 7ff7a0c455c8 1021->1027 1034 7ff7a0c4606b-7ff7a0c4606e 1022->1034 1035 7ff7a0c4605f-7ff7a0c46066 1022->1035 1027->1022 1033 7ff7a0c45ed9-7ff7a0c45efc call 7ff7a0c3a948 GetTimeZoneInformation 1027->1033 1048 7ff7a0c45f02-7ff7a0c45f23 1033->1048 1049 7ff7a0c45fc4-7ff7a0c45fee call 7ff7a0c45580 call 7ff7a0c45570 call 7ff7a0c45578 1033->1049 1036 7ff7a0c46070 1034->1036 1037 7ff7a0c460a5-7ff7a0c460b8 call 7ff7a0c3d5fc 1034->1037 1039 7ff7a0c460fb-7ff7a0c460fe 1035->1039 1040 7ff7a0c46073 1036->1040 1051 7ff7a0c460ba 1037->1051 1052 7ff7a0c460c3-7ff7a0c460de call 7ff7a0c41578 1037->1052 1039->1040 1043 7ff7a0c46104-7ff7a0c4610c call 7ff7a0c45c00 1039->1043 1045 7ff7a0c46078-7ff7a0c460a4 call 7ff7a0c3a948 call 7ff7a0c2c550 1040->1045 1046 7ff7a0c46073 call 7ff7a0c45e7c 1040->1046 1043->1045 1046->1045 1053 7ff7a0c45f2e-7ff7a0c45f35 1048->1053 1054 7ff7a0c45f25-7ff7a0c45f2b 1048->1054 1057 7ff7a0c460bc-7ff7a0c460c1 call 7ff7a0c3a948 1051->1057 1072 7ff7a0c460e0-7ff7a0c460e3 1052->1072 1073 7ff7a0c460e5-7ff7a0c460f7 call 7ff7a0c3a948 1052->1073 1058 7ff7a0c45f49 1053->1058 1059 7ff7a0c45f37-7ff7a0c45f3f 1053->1059 1054->1053 1057->1036 1066 7ff7a0c45f4b-7ff7a0c45fbf call 7ff7a0c4a4d0 * 4 call 7ff7a0c42b5c call 7ff7a0c46114 * 2 1058->1066 1059->1058 1064 7ff7a0c45f41-7ff7a0c45f47 1059->1064 1064->1066 1066->1049 1072->1057 1073->1039
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            • _get_daylight.LIBCMT ref: 00007FF7A0C45EAA
                                                                                                                                                                                                                                                                                                              • Part of subcall function 00007FF7A0C455F8: _invalid_parameter_noinfo.LIBCMT ref: 00007FF7A0C4560C
                                                                                                                                                                                                                                                                                                            • _get_daylight.LIBCMT ref: 00007FF7A0C45EBB
                                                                                                                                                                                                                                                                                                              • Part of subcall function 00007FF7A0C45598: _invalid_parameter_noinfo.LIBCMT ref: 00007FF7A0C455AC
                                                                                                                                                                                                                                                                                                            • _get_daylight.LIBCMT ref: 00007FF7A0C45ECC
                                                                                                                                                                                                                                                                                                              • Part of subcall function 00007FF7A0C455C8: _invalid_parameter_noinfo.LIBCMT ref: 00007FF7A0C455DC
                                                                                                                                                                                                                                                                                                              • Part of subcall function 00007FF7A0C3A948: RtlFreeHeap.NTDLL(?,?,?,00007FF7A0C42D22,?,?,?,00007FF7A0C42D5F,?,?,00000000,00007FF7A0C43225,?,?,?,00007FF7A0C43157), ref: 00007FF7A0C3A95E
                                                                                                                                                                                                                                                                                                              • Part of subcall function 00007FF7A0C3A948: GetLastError.KERNEL32(?,?,?,00007FF7A0C42D22,?,?,?,00007FF7A0C42D5F,?,?,00000000,00007FF7A0C43225,?,?,?,00007FF7A0C43157), ref: 00007FF7A0C3A968
                                                                                                                                                                                                                                                                                                            • GetTimeZoneInformation.KERNELBASE(?,?,?,?,?,?,?,?,?,00000000,?,00007FF7A0C4610C), ref: 00007FF7A0C45EF3
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: _get_daylight_invalid_parameter_noinfo$ErrorFreeHeapInformationLastTimeZone
                                                                                                                                                                                                                                                                                                            • String ID: Eastern Standard Time$Eastern Summer Time
                                                                                                                                                                                                                                                                                                            • API String ID: 3458911817-239921721
                                                                                                                                                                                                                                                                                                            • Opcode ID: 6f2171165b001c2744b9d494c76d2a7753c36df5ed5d67f3075860c83c0dbe14
                                                                                                                                                                                                                                                                                                            • Instruction ID: 77d9c561876c5e4056c4f1d2fcd7da5cc39117dd5bb79681f97adc3b76609f78
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 6f2171165b001c2744b9d494c76d2a7753c36df5ed5d67f3075860c83c0dbe14
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: E5516A26E0A64386E720EF21D8851E9B762BF88784F825935EA4D437B6DF3DF4418760
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C29280 Relevance: 3.0, APIs: 2, Instructions: 29COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: Find$CloseFileFirst
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 2295610775-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: 3849ca1beccae91a12aeced599bc73bdbec409d6dd090ca7d2ec6d5d284a4285
                                                                                                                                                                                                                                                                                                            • Instruction ID: 593c126fec37d44b6ff563d3b60d22d6f3dc84bd281c556cceccd4c9cf9ddd38
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 3849ca1beccae91a12aeced599bc73bdbec409d6dd090ca7d2ec6d5d284a4285
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 6FF0A922A1964386F760AB60B4987A6B350FF84364F450635D9AD01BE4DF3CF0488600
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C408C8 Relevance: 2.0, APIs: 1, Instructions: 461COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: CurrentFeaturePresentProcessProcessor
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 1010374628-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: 537422541fbed36a77ddee3a41e978a3695e14332b64c7d8d0a2d6c09592a1ae
                                                                                                                                                                                                                                                                                                            • Instruction ID: 72db0f733d00966ace3733799659f677dd34d6991b6e682fb6505ac40da15666
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 537422541fbed36a77ddee3a41e978a3695e14332b64c7d8d0a2d6c09592a1ae
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: C5029D21A6FA4351FA65BB1194082F9E692BF41BA0FE74E34DD5D463F2DE3EB4018321
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C21950 Relevance: 22.9, APIs: 2, Strings: 11, Instructions: 184COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                                                            control_flow_graph 331 7ff7a0c21950-7ff7a0c2198b call 7ff7a0c245c0 334 7ff7a0c21c4e-7ff7a0c21c72 call 7ff7a0c2c550 331->334 335 7ff7a0c21991-7ff7a0c219d1 call 7ff7a0c27f90 331->335 340 7ff7a0c219d7-7ff7a0c219e7 call 7ff7a0c306d4 335->340 341 7ff7a0c21c3b-7ff7a0c21c3e call 7ff7a0c3004c 335->341 346 7ff7a0c21a08-7ff7a0c21a24 call 7ff7a0c3039c 340->346 347 7ff7a0c219e9-7ff7a0c21a03 call 7ff7a0c34f08 call 7ff7a0c22910 340->347 345 7ff7a0c21c43-7ff7a0c21c4b 341->345 345->334 352 7ff7a0c21a26-7ff7a0c21a40 call 7ff7a0c34f08 call 7ff7a0c22910 346->352 353 7ff7a0c21a45-7ff7a0c21a5a call 7ff7a0c34f28 346->353 347->341 352->341 361 7ff7a0c21a5c-7ff7a0c21a76 call 7ff7a0c34f08 call 7ff7a0c22910 353->361 362 7ff7a0c21a7b-7ff7a0c21afc call 7ff7a0c21c80 * 2 call 7ff7a0c306d4 353->362 361->341 373 7ff7a0c21b01-7ff7a0c21b14 call 7ff7a0c34f44 362->373 376 7ff7a0c21b16-7ff7a0c21b30 call 7ff7a0c34f08 call 7ff7a0c22910 373->376 377 7ff7a0c21b35-7ff7a0c21b4e call 7ff7a0c3039c 373->377 376->341 383 7ff7a0c21b50-7ff7a0c21b6a call 7ff7a0c34f08 call 7ff7a0c22910 377->383 384 7ff7a0c21b6f-7ff7a0c21b8b call 7ff7a0c30110 377->384 383->341 391 7ff7a0c21b9e-7ff7a0c21bac 384->391 392 7ff7a0c21b8d-7ff7a0c21b99 call 7ff7a0c22710 384->392 391->341 395 7ff7a0c21bb2-7ff7a0c21bb9 391->395 392->341 397 7ff7a0c21bc1-7ff7a0c21bc7 395->397 398 7ff7a0c21bc9-7ff7a0c21bd6 397->398 399 7ff7a0c21be0-7ff7a0c21bef 397->399 400 7ff7a0c21bf1-7ff7a0c21bfa 398->400 399->399 399->400 401 7ff7a0c21bfc-7ff7a0c21bff 400->401 402 7ff7a0c21c0f 400->402 401->402 403 7ff7a0c21c01-7ff7a0c21c04 401->403 404 7ff7a0c21c11-7ff7a0c21c24 402->404 403->402 405 7ff7a0c21c06-7ff7a0c21c09 403->405 406 7ff7a0c21c2d-7ff7a0c21c39 404->406 407 7ff7a0c21c26 404->407 405->402 408 7ff7a0c21c0b-7ff7a0c21c0d 405->408 406->341 406->397 407->406 408->404
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                              • Part of subcall function 00007FF7A0C27F90: _fread_nolock.LIBCMT ref: 00007FF7A0C2803A
                                                                                                                                                                                                                                                                                                            • _fread_nolock.LIBCMT ref: 00007FF7A0C21A1B
                                                                                                                                                                                                                                                                                                              • Part of subcall function 00007FF7A0C22910: GetCurrentProcessId.KERNEL32(?,?,?,?,00000000,00000000,?,00000000,00007FF7A0C21B6A), ref: 00007FF7A0C2295E
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: _fread_nolock$CurrentProcess
                                                                                                                                                                                                                                                                                                            • String ID: Could not allocate buffer for TOC!$Could not allocate memory for archive structure!$Could not read full TOC!$Error on file.$Failed to read cookie!$Failed to seek to cookie position!$MEI$calloc$fread$fseek$malloc
                                                                                                                                                                                                                                                                                                            • API String ID: 2397952137-3497178890
                                                                                                                                                                                                                                                                                                            • Opcode ID: dcd0f3d3abb3ddca6b269f826842e7278598d3bbce365c0960ff1da5bfca5a3e
                                                                                                                                                                                                                                                                                                            • Instruction ID: 112cbe7192cf7777d2a11398a42c836753bb25827aa65c99defb6eb02ead2aa7
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: dcd0f3d3abb3ddca6b269f826842e7278598d3bbce365c0960ff1da5bfca5a3e
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 5681A171A0A68386EB24FB24D0542F9A3A1BF58784FC64831ED8D47BA6DE3CF5458760
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C21600 Relevance: 22.9, APIs: 1, Strings: 12, Instructions: 145COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                                                            control_flow_graph 409 7ff7a0c21600-7ff7a0c21611 410 7ff7a0c21637-7ff7a0c21651 call 7ff7a0c245c0 409->410 411 7ff7a0c21613-7ff7a0c2161c call 7ff7a0c21050 409->411 416 7ff7a0c21682-7ff7a0c2169c call 7ff7a0c245c0 410->416 417 7ff7a0c21653-7ff7a0c21681 call 7ff7a0c34f08 call 7ff7a0c22910 410->417 418 7ff7a0c2162e-7ff7a0c21636 411->418 419 7ff7a0c2161e-7ff7a0c21629 call 7ff7a0c22710 411->419 426 7ff7a0c216b8-7ff7a0c216cf call 7ff7a0c306d4 416->426 427 7ff7a0c2169e-7ff7a0c216b3 call 7ff7a0c22710 416->427 419->418 434 7ff7a0c216f9-7ff7a0c216fd 426->434 435 7ff7a0c216d1-7ff7a0c216f4 call 7ff7a0c34f08 call 7ff7a0c22910 426->435 433 7ff7a0c21821-7ff7a0c21824 call 7ff7a0c3004c 427->433 443 7ff7a0c21829-7ff7a0c2183b 433->443 437 7ff7a0c21717-7ff7a0c21737 call 7ff7a0c34f44 434->437 438 7ff7a0c216ff-7ff7a0c2170b call 7ff7a0c21210 434->438 448 7ff7a0c21819-7ff7a0c2181c call 7ff7a0c3004c 435->448 449 7ff7a0c21739-7ff7a0c2175c call 7ff7a0c34f08 call 7ff7a0c22910 437->449 450 7ff7a0c21761-7ff7a0c2176c 437->450 445 7ff7a0c21710-7ff7a0c21712 438->445 445->448 448->433 462 7ff7a0c2180f-7ff7a0c21814 449->462 451 7ff7a0c21802-7ff7a0c2180a call 7ff7a0c34f30 450->451 452 7ff7a0c21772-7ff7a0c21777 450->452 451->462 455 7ff7a0c21780-7ff7a0c217a2 call 7ff7a0c3039c 452->455 464 7ff7a0c217da-7ff7a0c217e6 call 7ff7a0c34f08 455->464 465 7ff7a0c217a4-7ff7a0c217bc call 7ff7a0c30adc 455->465 462->448 470 7ff7a0c217ed-7ff7a0c217f8 call 7ff7a0c22910 464->470 471 7ff7a0c217be-7ff7a0c217c1 465->471 472 7ff7a0c217c5-7ff7a0c217d8 call 7ff7a0c34f08 465->472 477 7ff7a0c217fd 470->477 471->455 474 7ff7a0c217c3 471->474 472->470 474->477 477->451
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: CurrentProcess
                                                                                                                                                                                                                                                                                                            • String ID: Failed to create symbolic link %s!$Failed to extract %s: failed to allocate temporary buffer!$Failed to extract %s: failed to open archive file!$Failed to extract %s: failed to open target file!$Failed to extract %s: failed to read data chunk!$Failed to extract %s: failed to seek to the entry's data!$Failed to extract %s: failed to write data chunk!$fopen$fread$fseek$fwrite$malloc
                                                                                                                                                                                                                                                                                                            • API String ID: 2050909247-1550345328
                                                                                                                                                                                                                                                                                                            • Opcode ID: 497c01c90ff07c92ee98c0ac9ec97d193f6b33d59ff132603bcf4e4f6ccc15bf
                                                                                                                                                                                                                                                                                                            • Instruction ID: d6f4df54ebc36c72ad737d9ca70f71c8ce827a8c773887b8937b603b2112f310
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 497c01c90ff07c92ee98c0ac9ec97d193f6b33d59ff132603bcf4e4f6ccc15bf
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 6751BC21B0A64392EA14BB6594401F9E3A1BF98B94FC64D31EE0C07BF6EE3DF5458720
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C28660 Relevance: 14.1, APIs: 3, Strings: 5, Instructions: 116COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            • GetTempPathW.KERNEL32(?,?,00000000,00007FF7A0C23CBB), ref: 00007FF7A0C28704
                                                                                                                                                                                                                                                                                                            • GetCurrentProcessId.KERNEL32(?,00000000,00007FF7A0C23CBB), ref: 00007FF7A0C2870A
                                                                                                                                                                                                                                                                                                            • CreateDirectoryW.KERNELBASE(?,00000000,00007FF7A0C23CBB), ref: 00007FF7A0C2874C
                                                                                                                                                                                                                                                                                                              • Part of subcall function 00007FF7A0C28830: GetEnvironmentVariableW.KERNEL32(00007FF7A0C2388E), ref: 00007FF7A0C28867
                                                                                                                                                                                                                                                                                                              • Part of subcall function 00007FF7A0C28830: ExpandEnvironmentStringsW.KERNEL32 ref: 00007FF7A0C28889
                                                                                                                                                                                                                                                                                                              • Part of subcall function 00007FF7A0C38238: _invalid_parameter_noinfo.LIBCMT ref: 00007FF7A0C38251
                                                                                                                                                                                                                                                                                                              • Part of subcall function 00007FF7A0C22810: MessageBoxW.USER32 ref: 00007FF7A0C228EA
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: Environment$CreateCurrentDirectoryExpandMessagePathProcessStringsTempVariable_invalid_parameter_noinfo
                                                                                                                                                                                                                                                                                                            • String ID: LOADER: failed to set the TMP environment variable.$LOADER: length of teporary directory path exceeds maximum path length!$TMP$TMP$_MEI%d
                                                                                                                                                                                                                                                                                                            • API String ID: 3563477958-1339014028
                                                                                                                                                                                                                                                                                                            • Opcode ID: 191653d34e5a06968e8282251bef030903df87164e49fe651f79a53b4d97858f
                                                                                                                                                                                                                                                                                                            • Instruction ID: 45e5049baa631718db5db0842631180830e2cbf601478ed0c2cb979b9133b199
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 191653d34e5a06968e8282251bef030903df87164e49fe651f79a53b4d97858f
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 58419111A2B64345FA14FB75A8552FAD291AF887C0FC64831ED0D47BFADE3CF6058260
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C21210 Relevance: 12.4, APIs: 1, Strings: 6, Instructions: 158COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                                                            control_flow_graph 756 7ff7a0c21210-7ff7a0c2126d call 7ff7a0c2bd80 759 7ff7a0c21297-7ff7a0c212af call 7ff7a0c34f44 756->759 760 7ff7a0c2126f-7ff7a0c21296 call 7ff7a0c22710 756->760 765 7ff7a0c212b1-7ff7a0c212cf call 7ff7a0c34f08 call 7ff7a0c22910 759->765 766 7ff7a0c212d4-7ff7a0c212e4 call 7ff7a0c34f44 759->766 778 7ff7a0c21439-7ff7a0c2144e call 7ff7a0c2ba60 call 7ff7a0c34f30 * 2 765->778 772 7ff7a0c21309-7ff7a0c2131b 766->772 773 7ff7a0c212e6-7ff7a0c21304 call 7ff7a0c34f08 call 7ff7a0c22910 766->773 776 7ff7a0c21320-7ff7a0c21345 call 7ff7a0c3039c 772->776 773->778 784 7ff7a0c2134b-7ff7a0c21355 call 7ff7a0c30110 776->784 785 7ff7a0c21431 776->785 793 7ff7a0c21453-7ff7a0c2146d 778->793 784->785 792 7ff7a0c2135b-7ff7a0c21367 784->792 785->778 794 7ff7a0c21370-7ff7a0c21398 call 7ff7a0c2a1c0 792->794 797 7ff7a0c2139a-7ff7a0c2139d 794->797 798 7ff7a0c21416-7ff7a0c2142c call 7ff7a0c22710 794->798 799 7ff7a0c2139f-7ff7a0c213a9 797->799 800 7ff7a0c21411 797->800 798->785 802 7ff7a0c213ab-7ff7a0c213b9 call 7ff7a0c30adc 799->802 803 7ff7a0c213d4-7ff7a0c213d7 799->803 800->798 809 7ff7a0c213be-7ff7a0c213c1 802->809 804 7ff7a0c213ea-7ff7a0c213ef 803->804 805 7ff7a0c213d9-7ff7a0c213e7 call 7ff7a0c49e30 803->805 804->794 808 7ff7a0c213f5-7ff7a0c213f8 804->808 805->804 811 7ff7a0c213fa-7ff7a0c213fd 808->811 812 7ff7a0c2140c-7ff7a0c2140f 808->812 813 7ff7a0c213cf-7ff7a0c213d2 809->813 814 7ff7a0c213c3-7ff7a0c213cd call 7ff7a0c30110 809->814 811->798 815 7ff7a0c213ff-7ff7a0c21407 811->815 812->785 813->798 814->804 814->813 815->776
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: CurrentProcess
                                                                                                                                                                                                                                                                                                            • String ID: 1.3.1$Failed to extract %s: decompression resulted in return code %d!$Failed to extract %s: failed to allocate temporary input buffer!$Failed to extract %s: failed to allocate temporary output buffer!$Failed to extract %s: inflateInit() failed with return code %d!$malloc
                                                                                                                                                                                                                                                                                                            • API String ID: 2050909247-2813020118
                                                                                                                                                                                                                                                                                                            • Opcode ID: 8c3d3767c92c3f25500c132f33d9ae5f36ceff73d91df2c2d10727b506476509
                                                                                                                                                                                                                                                                                                            • Instruction ID: 6ae7ca427d19e76a1ed9648e7c6f72c8b56b19811e210174317a52af84220a62
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 8c3d3767c92c3f25500c132f33d9ae5f36ceff73d91df2c2d10727b506476509
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: B251D422A0A64385E624BB25A4103FAE291FF98794FD64931ED4D47BF6EE3CF501C720
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C3ED10 Relevance: 12.4, APIs: 5, Strings: 2, Instructions: 117libraryloaderCOMMONLIBRARYCODE
                                                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            • FreeLibrary.KERNEL32(?,?,?,00007FF7A0C3F0AA,?,?,-00000018,00007FF7A0C3AD53,?,?,?,00007FF7A0C3AC4A,?,?,?,00007FF7A0C35F3E), ref: 00007FF7A0C3EE8C
                                                                                                                                                                                                                                                                                                            • GetProcAddress.KERNEL32(?,?,?,00007FF7A0C3F0AA,?,?,-00000018,00007FF7A0C3AD53,?,?,?,00007FF7A0C3AC4A,?,?,?,00007FF7A0C35F3E), ref: 00007FF7A0C3EE98
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: AddressFreeLibraryProc
                                                                                                                                                                                                                                                                                                            • String ID: api-ms-$ext-ms-
                                                                                                                                                                                                                                                                                                            • API String ID: 3013587201-537541572
                                                                                                                                                                                                                                                                                                            • Opcode ID: 113d78e4ddfca44ef7199ea688f338981f8b4522c7c5ddaba00381c3941a83e2
                                                                                                                                                                                                                                                                                                            • Instruction ID: 0da2e380f4e1d627fcce44e64c80b859d4855d51bae561c2dfa3a4afcb882232
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 113d78e4ddfca44ef7199ea688f338981f8b4522c7c5ddaba00381c3941a83e2
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: AF41E361B2AA0341FB19AB1698146F6E291BF48B90FCA4935DD1D477E4EF3CF4058321
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C236B0 Relevance: 12.3, APIs: 2, Strings: 5, Instructions: 61COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            • GetModuleFileNameW.KERNEL32(?,00007FF7A0C23804), ref: 00007FF7A0C236E1
                                                                                                                                                                                                                                                                                                            • GetLastError.KERNEL32(?,00007FF7A0C23804), ref: 00007FF7A0C236EB
                                                                                                                                                                                                                                                                                                              • Part of subcall function 00007FF7A0C22C50: GetCurrentProcessId.KERNEL32(?,?,?,?,?,?,?,?,00007FF7A0C23706,?,00007FF7A0C23804), ref: 00007FF7A0C22C9E
                                                                                                                                                                                                                                                                                                              • Part of subcall function 00007FF7A0C22C50: FormatMessageW.KERNEL32(?,?,?,?,?,?,?,?,00007FF7A0C23706,?,00007FF7A0C23804), ref: 00007FF7A0C22D63
                                                                                                                                                                                                                                                                                                              • Part of subcall function 00007FF7A0C22C50: MessageBoxW.USER32 ref: 00007FF7A0C22D99
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: Message$CurrentErrorFileFormatLastModuleNameProcess
                                                                                                                                                                                                                                                                                                            • String ID: Failed to convert executable path to UTF-8.$Failed to obtain executable path.$Failed to resolve full path to executable %ls.$GetModuleFileNameW$\\?\
                                                                                                                                                                                                                                                                                                            • API String ID: 3187769757-2863816727
                                                                                                                                                                                                                                                                                                            • Opcode ID: 7a7bb6314ef99d1ea6b5a99dff4d55fbb7227be169d5ba9e119ffda366a0a745
                                                                                                                                                                                                                                                                                                            • Instruction ID: aa2cf8fe19592cb25e1afe3b90f0c41c459dbb01ef57a7d79ec5e2e54f7a4aca
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 7a7bb6314ef99d1ea6b5a99dff4d55fbb7227be169d5ba9e119ffda366a0a745
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 18215EA1B1A64351FA60BB34E8543F6A251BF88794FC24932D65D82BF5EE3CF504C360
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C3BA5C Relevance: 10.8, APIs: 7, Instructions: 290COMMONLIBRARYCODE
                                                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                                                            control_flow_graph 901 7ff7a0c3ba5c-7ff7a0c3ba82 902 7ff7a0c3ba9d-7ff7a0c3baa1 901->902 903 7ff7a0c3ba84-7ff7a0c3ba98 call 7ff7a0c34ee8 call 7ff7a0c34f08 901->903 905 7ff7a0c3be77-7ff7a0c3be83 call 7ff7a0c34ee8 call 7ff7a0c34f08 902->905 906 7ff7a0c3baa7-7ff7a0c3baae 902->906 919 7ff7a0c3be8e 903->919 922 7ff7a0c3be89 call 7ff7a0c3a8e0 905->922 906->905 908 7ff7a0c3bab4-7ff7a0c3bae2 906->908 908->905 911 7ff7a0c3bae8-7ff7a0c3baef 908->911 914 7ff7a0c3bb08-7ff7a0c3bb0b 911->914 915 7ff7a0c3baf1-7ff7a0c3bb03 call 7ff7a0c34ee8 call 7ff7a0c34f08 911->915 917 7ff7a0c3bb11-7ff7a0c3bb17 914->917 918 7ff7a0c3be73-7ff7a0c3be75 914->918 915->922 917->918 924 7ff7a0c3bb1d-7ff7a0c3bb20 917->924 923 7ff7a0c3be91-7ff7a0c3bea8 918->923 919->923 922->919 924->915 928 7ff7a0c3bb22-7ff7a0c3bb47 924->928 930 7ff7a0c3bb7a-7ff7a0c3bb81 928->930 931 7ff7a0c3bb49-7ff7a0c3bb4b 928->931 932 7ff7a0c3bb56-7ff7a0c3bb6d call 7ff7a0c34ee8 call 7ff7a0c34f08 call 7ff7a0c3a8e0 930->932 933 7ff7a0c3bb83-7ff7a0c3bbab call 7ff7a0c3d5fc call 7ff7a0c3a948 * 2 930->933 934 7ff7a0c3bb4d-7ff7a0c3bb54 931->934 935 7ff7a0c3bb72-7ff7a0c3bb78 931->935 967 7ff7a0c3bd00 932->967 962 7ff7a0c3bbc8-7ff7a0c3bbf3 call 7ff7a0c3c284 933->962 963 7ff7a0c3bbad-7ff7a0c3bbc3 call 7ff7a0c34f08 call 7ff7a0c34ee8 933->963 934->932 934->935 936 7ff7a0c3bbf8-7ff7a0c3bc0f 935->936 939 7ff7a0c3bc8a-7ff7a0c3bc94 call 7ff7a0c4391c 936->939 940 7ff7a0c3bc11-7ff7a0c3bc19 936->940 953 7ff7a0c3bc9a-7ff7a0c3bcaf 939->953 954 7ff7a0c3bd1e 939->954 940->939 943 7ff7a0c3bc1b-7ff7a0c3bc1d 940->943 943->939 947 7ff7a0c3bc1f-7ff7a0c3bc35 943->947 947->939 951 7ff7a0c3bc37-7ff7a0c3bc43 947->951 951->939 956 7ff7a0c3bc45-7ff7a0c3bc47 951->956 953->954 959 7ff7a0c3bcb1-7ff7a0c3bcc3 GetConsoleMode 953->959 958 7ff7a0c3bd23-7ff7a0c3bd43 ReadFile 954->958 956->939 961 7ff7a0c3bc49-7ff7a0c3bc61 956->961 964 7ff7a0c3bd49-7ff7a0c3bd51 958->964 965 7ff7a0c3be3d-7ff7a0c3be46 GetLastError 958->965 959->954 966 7ff7a0c3bcc5-7ff7a0c3bccd 959->966 961->939 972 7ff7a0c3bc63-7ff7a0c3bc6f 961->972 962->936 963->967 964->965 974 7ff7a0c3bd57 964->974 969 7ff7a0c3be48-7ff7a0c3be5e call 7ff7a0c34f08 call 7ff7a0c34ee8 965->969 970 7ff7a0c3be63-7ff7a0c3be66 965->970 966->958 968 7ff7a0c3bccf-7ff7a0c3bcf1 ReadConsoleW 966->968 971 7ff7a0c3bd03-7ff7a0c3bd0d call 7ff7a0c3a948 967->971 976 7ff7a0c3bd12-7ff7a0c3bd1c 968->976 977 7ff7a0c3bcf3 GetLastError 968->977 969->967 981 7ff7a0c3bcf9-7ff7a0c3bcfb call 7ff7a0c34e7c 970->981 982 7ff7a0c3be6c-7ff7a0c3be6e 970->982 971->923 972->939 980 7ff7a0c3bc71-7ff7a0c3bc73 972->980 984 7ff7a0c3bd5e-7ff7a0c3bd73 974->984 976->984 977->981 980->939 989 7ff7a0c3bc75-7ff7a0c3bc85 980->989 981->967 982->971 984->971 991 7ff7a0c3bd75-7ff7a0c3bd80 984->991 989->939 994 7ff7a0c3bda7-7ff7a0c3bdaf 991->994 995 7ff7a0c3bd82-7ff7a0c3bd9b call 7ff7a0c3b674 991->995 997 7ff7a0c3be2b-7ff7a0c3be38 call 7ff7a0c3b4b4 994->997 998 7ff7a0c3bdb1-7ff7a0c3bdc3 994->998 1001 7ff7a0c3bda0-7ff7a0c3bda2 995->1001 997->1001 1002 7ff7a0c3be1e-7ff7a0c3be26 998->1002 1003 7ff7a0c3bdc5 998->1003 1001->971 1002->971 1005 7ff7a0c3bdca-7ff7a0c3bdd1 1003->1005 1006 7ff7a0c3be0d-7ff7a0c3be18 1005->1006 1007 7ff7a0c3bdd3-7ff7a0c3bdd7 1005->1007 1006->1002 1008 7ff7a0c3bdd9-7ff7a0c3bde0 1007->1008 1009 7ff7a0c3bdf3 1007->1009 1008->1009 1010 7ff7a0c3bde2-7ff7a0c3bde6 1008->1010 1011 7ff7a0c3bdf9-7ff7a0c3be09 1009->1011 1010->1009 1012 7ff7a0c3bde8-7ff7a0c3bdf1 1010->1012 1011->1005 1013 7ff7a0c3be0b 1011->1013 1012->1011 1013->1002
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 3215553584-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: 1c0df5e74df0118619baac061aee596465bcef498cfc928fc9eaa168a483e3b3
                                                                                                                                                                                                                                                                                                            • Instruction ID: 6c5792736694fe5e6a56532b79bee15f23317da4f2bcc4cf0d444d4ab092c982
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 1c0df5e74df0118619baac061aee596465bcef498cfc928fc9eaa168a483e3b3
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 05C1C22292A68782E668AB1594402FDFB50FF81B80FD74931EB4D037B6CE7DF4458762
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C28570 Relevance: 10.6, APIs: 7, Instructions: 63COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: Token$InformationProcess$CloseConvertCurrentErrorHandleLastOpenString
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 995526605-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: 1c88e2159774aae00215e56fe2a2a719af09135261df6dbcfc7a62e4558c2eb4
                                                                                                                                                                                                                                                                                                            • Instruction ID: f2ca4cf7980fbe5d4c6e90d2d0100ff4cc0e40207159579696ae70b3b4d60262
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 1c88e2159774aae00215e56fe2a2a719af09135261df6dbcfc7a62e4558c2eb4
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 20219321A0E64342EB10BB65B4442BAE3A1FFC57A0F950635EA6C43BF5DE7CF5498710
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C290E0 Relevance: 9.1, APIs: 2, Strings: 4, Instructions: 64COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                              • Part of subcall function 00007FF7A0C28570: GetCurrentProcess.KERNEL32 ref: 00007FF7A0C28590
                                                                                                                                                                                                                                                                                                              • Part of subcall function 00007FF7A0C28570: OpenProcessToken.ADVAPI32 ref: 00007FF7A0C285A3
                                                                                                                                                                                                                                                                                                              • Part of subcall function 00007FF7A0C28570: GetTokenInformation.KERNELBASE ref: 00007FF7A0C285C8
                                                                                                                                                                                                                                                                                                              • Part of subcall function 00007FF7A0C28570: GetLastError.KERNEL32 ref: 00007FF7A0C285D2
                                                                                                                                                                                                                                                                                                              • Part of subcall function 00007FF7A0C28570: GetTokenInformation.KERNELBASE ref: 00007FF7A0C28612
                                                                                                                                                                                                                                                                                                              • Part of subcall function 00007FF7A0C28570: ConvertSidToStringSidW.ADVAPI32 ref: 00007FF7A0C2862E
                                                                                                                                                                                                                                                                                                              • Part of subcall function 00007FF7A0C28570: CloseHandle.KERNELBASE ref: 00007FF7A0C28646
                                                                                                                                                                                                                                                                                                            • LocalFree.KERNEL32(?,00007FF7A0C23C55), ref: 00007FF7A0C2916C
                                                                                                                                                                                                                                                                                                            • LocalFree.KERNEL32(?,00007FF7A0C23C55), ref: 00007FF7A0C29175
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: Token$FreeInformationLocalProcess$CloseConvertCurrentErrorHandleLastOpenString
                                                                                                                                                                                                                                                                                                            • String ID: D:(A;;FA;;;%s)$D:(A;;FA;;;%s)(A;;FA;;;%s)$S-1-3-4$Security descriptor string length exceeds PYI_PATH_MAX!
                                                                                                                                                                                                                                                                                                            • API String ID: 6828938-1529539262
                                                                                                                                                                                                                                                                                                            • Opcode ID: 5ed7a9ba3e6ce910408607b93085540bd422a8d0f9e00f9f84049ca226c14b37
                                                                                                                                                                                                                                                                                                            • Instruction ID: acd28411944d395c3822f093631f67cc8742fc45ba4ad2a0b3386a2d05384daf
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 5ed7a9ba3e6ce910408607b93085540bd422a8d0f9e00f9f84049ca226c14b37
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F3212121A0A64352F614BB21E4153EEA251FF88780FC64835EA4D53BA6DF3DF5458760
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C27E20 Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 81COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            • CreateDirectoryW.KERNELBASE(00000000,?,00007FF7A0C2352C,?,00000000,00007FF7A0C23F23), ref: 00007FF7A0C27F32
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: CreateDirectory
                                                                                                                                                                                                                                                                                                            • String ID: %.*s$%s%c$\
                                                                                                                                                                                                                                                                                                            • API String ID: 4241100979-1685191245
                                                                                                                                                                                                                                                                                                            • Opcode ID: 302ffdc47f1f131389ecc473fe7ae023bae846d875cccfc6523225b15fd92315
                                                                                                                                                                                                                                                                                                            • Instruction ID: 1150562dffcaae317c41bf732352ad9deff7e3beb9ed0776f7c46cdce1e90b5c
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 302ffdc47f1f131389ecc473fe7ae023bae846d875cccfc6523225b15fd92315
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 3931DA6161AAC345EA21B730E4903EAA354EF88BE0F810B30EE6D47BD5DE3CF5018710
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C3CF60 Relevance: 6.2, APIs: 4, Instructions: 218COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            • GetConsoleMode.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,00007FF7A0C3CF4B), ref: 00007FF7A0C3D07C
                                                                                                                                                                                                                                                                                                            • GetLastError.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,00007FF7A0C3CF4B), ref: 00007FF7A0C3D107
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: ConsoleErrorLastMode
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 953036326-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: a47a8d54e36ced6583969bea4ac316e5fdc1f02f5f342ddc714eca2f45cad1a1
                                                                                                                                                                                                                                                                                                            • Instruction ID: 4d69c7d0cb746da3c3bdcf764d3043b4f7bf8f2656e92f2fd1a11be880a87b76
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: a47a8d54e36ced6583969bea4ac316e5fdc1f02f5f342ddc714eca2f45cad1a1
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 6891F222E2965385F768AF65A4403FDFBA0BF44B98F954539DE0E527A4CE38F442C321
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C3F98C Relevance: 6.2, APIs: 4, Instructions: 162COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: _get_daylight$_isindst
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 4170891091-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: 873197461a12b50781dd6dd2a54ab0b7f590f407db75148e336b6c99fa373a01
                                                                                                                                                                                                                                                                                                            • Instruction ID: bd40ac61b1279263cac600d662032a19c69fb88543ed33caf98a68c816dae928
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 873197461a12b50781dd6dd2a54ab0b7f590f407db75148e336b6c99fa373a01
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4A5132B2F166138BEB18EB64C8602FCE761AF00358F920A35DD1E52BF4DB3CB4168200
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C3577C Relevance: 6.1, APIs: 4, Instructions: 119pipeCOMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: File$ErrorHandleInformationLastNamedPeekPipeType
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 2780335769-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: 6aefb500db5e0848cb3e1a230f039049599ff649377a7022c72adab745f1037c
                                                                                                                                                                                                                                                                                                            • Instruction ID: 9ec04191ef7586357726f4b2ee308b94a100058e1cd1d5e9a7d1179a24bb5a4c
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 6aefb500db5e0848cb3e1a230f039049599ff649377a7022c72adab745f1037c
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: EF51AE22E257428AFB18EF71D4543FDA7A1AF48B58F924834DE0D477A9DF38E4418722
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C35628 Relevance: 6.1, APIs: 4, Instructions: 90fileCOMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: CloseCreateFileHandle_invalid_parameter_noinfo
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 1279662727-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: 8f3d5377b4ca72f71b0fe910297a4b2920b1cd85568e136600ee028e7f718979
                                                                                                                                                                                                                                                                                                            • Instruction ID: 66b27c30d47d28a83234a38fc80ae840b765136b190c56541cf56d4da82830bc
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 8f3d5377b4ca72f71b0fe910297a4b2920b1cd85568e136600ee028e7f718979
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 2D419222D2978283E718AB2095143E9E260FF957A4F919B35E65C03BE2DF6CB1E08711
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C2CC3C Relevance: 4.6, APIs: 3, Instructions: 94COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: __scrt_acquire_startup_lock__scrt_dllmain_crt_thread_attach__scrt_get_show_window_mode__scrt_release_startup_lock
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 3251591375-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: b3dd18574e8b698ea28c35ed35ed65a6730a16d6ac14c38d0a8ba428da0d66bc
                                                                                                                                                                                                                                                                                                            • Instruction ID: aa999e53d880e93a3c023f4dc1e81b0133717da8148de760a1211bb54f17eab6
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: b3dd18574e8b698ea28c35ed35ed65a6730a16d6ac14c38d0a8ba428da0d66bc
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 34314921E0B60742FA24BB7494923F9D691AF59384FC65C35E94E47BF3DE2DB8048272
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C39A30 Relevance: 4.5, APIs: 3, Instructions: 14COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: Process$CurrentExitTerminate
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 1703294689-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: 148d460979eed4a43ebbf671c65dc2dc638c0d89c9c01e8e00358d5495882c84
                                                                                                                                                                                                                                                                                                            • Instruction ID: c92fae87656c1d026d7564aa8718122e083bac780b7b0a9fd2cc86d26272310d
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 148d460979eed4a43ebbf671c65dc2dc638c0d89c9c01e8e00358d5495882c84
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: C2D09E10B1A70743EB183B715C590FCD256BF48741F961D38C84B063B3DD2DB8495321
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C3013C Relevance: 3.2, APIs: 2, Instructions: 177COMMONLIBRARYCODE
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 3215553584-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: e80cfa20b6c7ebf2f27a6dba6ddb06cb01cda21135ba71ef9e2cf3b7629ca058
                                                                                                                                                                                                                                                                                                            • Instruction ID: 55907b06ebd31178f05b092198911b900accb1e022ca5da54ad37569a6fa50de
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e80cfa20b6c7ebf2f27a6dba6ddb06cb01cda21135ba71ef9e2cf3b7629ca058
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: EA51DC2272B64396E66CA92554146FEE181BF44BA4FA64A34DD6D037F5CE3CF4008622
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C3C134 Relevance: 3.0, APIs: 2, Instructions: 46COMMONLIBRARYCODE
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: ErrorFileLastPointer
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 2976181284-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: 7d52f85de62641260209e8dbb28c5e1251e01e8bf24b4306ce9dcd9badf2c9c6
                                                                                                                                                                                                                                                                                                            • Instruction ID: fb23e7b255ec80abe665e1d7bc78f5318534180fa1478c095972e884e5e07219
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 7d52f85de62641260209e8dbb28c5e1251e01e8bf24b4306ce9dcd9badf2c9c6
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: E811E262618A8281DA24AB25A8440ADF361BF41FF0F954731EE7D077FACE7CE0109701
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C35924 Relevance: 3.0, APIs: 2, Instructions: 40timeCOMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            • FileTimeToSystemTime.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,00007FF7A0C35839), ref: 00007FF7A0C35957
                                                                                                                                                                                                                                                                                                            • SystemTimeToTzSpecificLocalTime.KERNELBASE(?,?,?,?,?,?,?,?,?,?,?,?,?,?,00007FF7A0C35839), ref: 00007FF7A0C3596D
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: Time$System$FileLocalSpecific
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 1707611234-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: 497c6f3b45805196ef8f930e068bad9451f3f50de380bc241881b145e929bf5b
                                                                                                                                                                                                                                                                                                            • Instruction ID: 11c653202ba817fa47c495fc768fb96e93984ddb5396d6995c5e5ef369a57ce3
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 497c6f3b45805196ef8f930e068bad9451f3f50de380bc241881b145e929bf5b
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 6911B261A1D743C2EA18AB15A4101BAF760FF84771F920635F69981AF4EF2CE015DB20
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C3A948 Relevance: 3.0, APIs: 2, Instructions: 19memoryCOMMONLIBRARYCODE
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            • RtlFreeHeap.NTDLL(?,?,?,00007FF7A0C42D22,?,?,?,00007FF7A0C42D5F,?,?,00000000,00007FF7A0C43225,?,?,?,00007FF7A0C43157), ref: 00007FF7A0C3A95E
                                                                                                                                                                                                                                                                                                            • GetLastError.KERNEL32(?,?,?,00007FF7A0C42D22,?,?,?,00007FF7A0C42D5F,?,?,00000000,00007FF7A0C43225,?,?,?,00007FF7A0C43157), ref: 00007FF7A0C3A968
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: ErrorFreeHeapLast
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 485612231-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: 46e6024f15a2f57ad5ff64688e0fe3cec5898f8577aba2f63b046adc8766ef53
                                                                                                                                                                                                                                                                                                            • Instruction ID: 0d49f81a48adddf52b3fce3f18ebea0e9347d3814307ccd5024a1d3e2b176da3
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 46e6024f15a2f57ad5ff64688e0fe3cec5898f8577aba2f63b046adc8766ef53
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: A8E04F50E2B20342FE1C7BF264591F9D2516F88B01FC60830C80D523B2DD2C78518231
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C3AB58 Relevance: 2.6, APIs: 2, Instructions: 59COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            • CloseHandle.KERNELBASE(?,?,?,00007FF7A0C3A9D5,?,?,00000000,00007FF7A0C3AA8A), ref: 00007FF7A0C3ABC6
                                                                                                                                                                                                                                                                                                            • GetLastError.KERNEL32(?,?,?,00007FF7A0C3A9D5,?,?,00000000,00007FF7A0C3AA8A), ref: 00007FF7A0C3ABD0
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: CloseErrorHandleLast
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 918212764-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: ae1e15d82824e1a5fac1c7302ca2ff5641fe0b0e43db7728cd9339717749910c
                                                                                                                                                                                                                                                                                                            • Instruction ID: d8dd5c150596643ef54e5c4f67985d534ed35eb148f65289c3e60f32028bec4f
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ae1e15d82824e1a5fac1c7302ca2ff5641fe0b0e43db7728cd9339717749910c
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4C210B21F2A64342FA68775194543FDE2839F84B94F961A38EA1E477F2CE6CF4544322
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C3BEAC Relevance: 1.6, APIs: 1, Instructions: 112COMMONLIBRARYCODE
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 3215553584-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: cbeb3b5568c01fe22c816fd393b22aefbfa64644ae8ce1fe3b0dc090283c3b2e
                                                                                                                                                                                                                                                                                                            • Instruction ID: eda53ca981845f7c22b914018ca98db67f2e245c43e40a89b40b75f3e43cc38f
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: cbeb3b5568c01fe22c816fd393b22aefbfa64644ae8ce1fe3b0dc090283c3b2e
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: E641EC3692A24387E638AB59A4401F9F360EF59B40F511935D78E437E2CF6DF402CB62
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C27F90 Relevance: 1.6, APIs: 1, Instructions: 85COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: _fread_nolock
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 840049012-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: c71a6dd345665bd02620eba10a8a94dc4102cb74e38ee38dc4d27ae1ce165416
                                                                                                                                                                                                                                                                                                            • Instruction ID: 30b3b4619e641c4418702b5ccf1c34575ac194ce60093973e9964805a1d7bb5b
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: c71a6dd345665bd02620eba10a8a94dc4102cb74e38ee38dc4d27ae1ce165416
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: CD219C21B1B65346EA54BB2269047FAD651BF49BC4FCA4830EE0C07B96CE7DF149C211
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C3B93C Relevance: 1.6, APIs: 1, Instructions: 79COMMONLIBRARYCODE
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 3215553584-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: c2d01373d3233558d420055387ebca2c39d1ce99b2c1a08127fa32cb0ba5fec2
                                                                                                                                                                                                                                                                                                            • Instruction ID: 18e230dedd5f0c82ce4b6f525105142d7de5f9746aa1d71a893deef8dd4873ce
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: c2d01373d3233558d420055387ebca2c39d1ce99b2c1a08127fa32cb0ba5fec2
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F0314F22A3A60385E6197B5594413FCE6A0AF84B95FC30935EB5D473E2DE7CB4418732
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C39961 Relevance: 1.6, APIs: 1, Instructions: 61COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: HandleModule$AddressFreeLibraryProc
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 3947729631-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: 42808d7c08696a35870eb95595f0ae95ff90971c005bfc8769c42bb91e99b0de
                                                                                                                                                                                                                                                                                                            • Instruction ID: c9b9c44ac999c700f21c70550ca16904bd67ce56038f0a6abf9640029fb97256
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 42808d7c08696a35870eb95595f0ae95ff90971c005bfc8769c42bb91e99b0de
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 38218271A167468AEB189F68C4802ECB7A0FB44719F850A3AD75C06BE5DF3CE544C751
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C35F94 Relevance: 1.6, APIs: 1, Instructions: 55COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 3215553584-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: d0ecc1d4814c8292f6d285d86e9f4332b8d7141ecd04c52723bb65a1ba9d936a
                                                                                                                                                                                                                                                                                                            • Instruction ID: 24ed4f738db88112f5e0ef5e8b7902d5aed39e7180ca44694f462f49292d4d96
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d0ecc1d4814c8292f6d285d86e9f4332b8d7141ecd04c52723bb65a1ba9d936a
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: EC114F31E3E64382EA68BF5194041F9E264AF89B84FC64831EA4C57BA6CF3DF5504762
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C46354 Relevance: 1.6, APIs: 1, Instructions: 54COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 3215553584-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: 3765a10cee1e255344ee37f065f4be71d58868c9c9e645b3056c9746d3493235
                                                                                                                                                                                                                                                                                                            • Instruction ID: fe732ede62f742b505b60e32d5da2a9bbaa564b4c134ad0bbb6c6ec2fef81281
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 3765a10cee1e255344ee37f065f4be71d58868c9c9e645b3056c9746d3493235
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: BF21D032A19A8386DB20AF18D0443B9F2A1FF84B54F954634EA5D877E9DF3DE4008B11
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C303BC Relevance: 1.5, APIs: 1, Instructions: 48COMMONLIBRARYCODE
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 3215553584-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: 8e9754deeba93abb4745aa2efb451e77357aefa8fb0fbddb16feb6c8c90fdd62
                                                                                                                                                                                                                                                                                                            • Instruction ID: d01dc6ac1d8d743c839dcaf890f2343185ac7187a14b963ea4dafddcce18292a
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 8e9754deeba93abb4745aa2efb451e77357aefa8fb0fbddb16feb6c8c90fdd62
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F901A522A2974340E50CEF5259100E9E691BF85FE0F9A4A31DE5C17BE6CE3CF5514311
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C37EFC Relevance: 1.5, APIs: 1, Instructions: 43COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 3215553584-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: eb4e03bbc0b04cbc85d5aa4284f536322b5632f0a5d263bd1b62b358e696f9c3
                                                                                                                                                                                                                                                                                                            • Instruction ID: 8a74412afccafdd6f5ddb7e16e2bbc3915f4813dfdb5c3afbd87d5736358c4dd
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: eb4e03bbc0b04cbc85d5aa4284f536322b5632f0a5d263bd1b62b358e696f9c3
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 45013920A2FA9341FA787BA155811F9D190BF487D0FC64B35EA5C427E6EE2CB4518222
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C38238 Relevance: 1.5, APIs: 1, Instructions: 19COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 3215553584-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: 3541b91b086c77dfe17527b78ee7977ece0d5fdea915d925a3ffaee66e22a6c2
                                                                                                                                                                                                                                                                                                            • Instruction ID: 8121f97b8e5e1d444c12f99b79a2b6fe7fb137668d494961683c74b33c13c419
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 3541b91b086c77dfe17527b78ee7977ece0d5fdea915d925a3ffaee66e22a6c2
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 26E04664E2E70786FA193AA404821FAD0204F99340FC60930ED080A3E3DD2D78485233
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C3EB98 Relevance: 1.3, APIs: 1, Instructions: 36memoryCOMMONLIBRARYCODE
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            • HeapAlloc.KERNEL32(?,?,00000000,00007FF7A0C3B32A,?,?,?,00007FF7A0C34F11,?,?,?,?,00007FF7A0C3A48A), ref: 00007FF7A0C3EBED
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: AllocHeap
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 4292702814-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: 0190c006dd090f1dc8136ef035d08a675b61e1fdbed98732a32380f018d60316
                                                                                                                                                                                                                                                                                                            • Instruction ID: ae9e94d2dcfdcf10bfb7f195d0dcc0923043d5feb0a280dea2aeb8c33c88357e
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 0190c006dd090f1dc8136ef035d08a675b61e1fdbed98732a32380f018d60316
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 6DF03754B2B20382FE5E7A6698652F5C2955F88B84F8A5930C90F863E2ED1CB4814236
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C3D5FC Relevance: 1.3, APIs: 1, Instructions: 29memoryCOMMONLIBRARYCODE
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            • HeapAlloc.KERNEL32(?,?,?,00007FF7A0C30C90,?,?,?,00007FF7A0C322FA,?,?,?,?,?,00007FF7A0C33AE9), ref: 00007FF7A0C3D63A
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: AllocHeap
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 4292702814-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: 510c613edcbd96140e332c46b5608733b20d975e117422ad796dc4540c81bb80
                                                                                                                                                                                                                                                                                                            • Instruction ID: fce9fd3c355b958da05578e539194621d97d46a455ceebb96039faa21782f648
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 510c613edcbd96140e332c46b5608733b20d975e117422ad796dc4540c81bb80
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 9FF0DA50A2A24745FE68767268567F5D2B15F887A1F8A0E30E93E453E2DD2DF4808532

                                                                                                                                                                                                                                                                                                            Non-executed Functions

                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C276C0 Relevance: 177.1, APIs: 66, Strings: 35, Instructions: 314libraryloaderCOMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: AddressErrorLastProc
                                                                                                                                                                                                                                                                                                            • String ID: Failed to get address for %hs$GetProcAddress$Tcl_Alloc$Tcl_ConditionFinalize$Tcl_ConditionNotify$Tcl_ConditionWait$Tcl_CreateInterp$Tcl_CreateObjCommand$Tcl_CreateThread$Tcl_DeleteInterp$Tcl_DoOneEvent$Tcl_EvalEx$Tcl_EvalFile$Tcl_EvalObjv$Tcl_Finalize$Tcl_FinalizeThread$Tcl_FindExecutable$Tcl_Free$Tcl_GetCurrentThread$Tcl_GetObjResult$Tcl_GetString$Tcl_GetVar2$Tcl_Init$Tcl_JoinThread$Tcl_MutexFinalize$Tcl_MutexLock$Tcl_MutexUnlock$Tcl_NewByteArrayObj$Tcl_NewStringObj$Tcl_SetVar2$Tcl_SetVar2Ex$Tcl_ThreadAlert$Tcl_ThreadQueueEvent$Tk_GetNumMainWindows$Tk_Init
                                                                                                                                                                                                                                                                                                            • API String ID: 199729137-3427451314
                                                                                                                                                                                                                                                                                                            • Opcode ID: 939c8a0ebf27c7f5789cd4a10996167767bc86255d761b2ba34a42bc6fc861e3
                                                                                                                                                                                                                                                                                                            • Instruction ID: 46a50e5e8d03a5f8eb59372df323b40e41f4719ce701d9a57032d7a928cca4e3
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 939c8a0ebf27c7f5789cd4a10996167767bc86255d761b2ba34a42bc6fc861e3
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: D902DBA4A0FB0781EA15BB65B8982F5A362BF08756FC71D31D81E02771EF7DB4498231
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C440AC Relevance: 24.0, APIs: 9, Strings: 4, Instructions: 1226COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: _invalid_parameter_noinfo$memcpy_s$fegetenv
                                                                                                                                                                                                                                                                                                            • String ID: 1#IND$1#INF$1#QNAN$1#SNAN
                                                                                                                                                                                                                                                                                                            • API String ID: 808467561-2761157908
                                                                                                                                                                                                                                                                                                            • Opcode ID: 7da0388417e7c773b0aab48e07e342724827a26e5879d16e5decf6c79e081c8c
                                                                                                                                                                                                                                                                                                            • Instruction ID: 79f9c70d2e2fe6b717ff0df8385c4f11594bd6d048999c69091a310cefce6dd3
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 7da0388417e7c773b0aab48e07e342724827a26e5879d16e5decf6c79e081c8c
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F9B22672E192838BE7249F64D4487FDB7A2FF44388F911935DA0A57BA4DB39B900CB50
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C2ACAD Relevance: 12.0, Strings: 9, Instructions: 744COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                            • String ID: invalid bit length repeat$invalid code -- missing end-of-block$invalid code lengths set$invalid distance code$invalid distance too far back$invalid distances set$invalid literal/length code$invalid literal/lengths set$too many length or distance symbols
                                                                                                                                                                                                                                                                                                            • API String ID: 0-2665694366
                                                                                                                                                                                                                                                                                                            • Opcode ID: 55880860ec2df9374ed9e05eb7c1f9660e2769407a38999da05ffb99d6c3dc89
                                                                                                                                                                                                                                                                                                            • Instruction ID: 9b9abcff401429c3432d138dadba1dfef063e5d5b6218e44ef12635741e5dee7
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 55880860ec2df9374ed9e05eb7c1f9660e2769407a38999da05ffb99d6c3dc89
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: FF522972A156A74BD794AF24C458BBE7BA9FF48740F424539E64A83BD0DB3CE840CB10
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C2D12C Relevance: 10.6, APIs: 7, Instructions: 71COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: ExceptionFilterPresentUnhandled$CaptureContextDebuggerEntryFeatureFunctionLookupProcessorUnwindVirtual
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 3140674995-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: 357b26123f7cc0566be18cabbec560c6351d8abd4e8582c9dfa9d4018571b442
                                                                                                                                                                                                                                                                                                            • Instruction ID: c935b4319935a4d879c4c05f9de4dc071fab45e3e209f89a8bb6cb5d75732d31
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 357b26123f7cc0566be18cabbec560c6351d8abd4e8582c9dfa9d4018571b442
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 97315372609B8286EB60AF60E8443EDB361FB94704F454439DA4E47BA5DF7DD548C710
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C3A614 Relevance: 9.1, APIs: 6, Instructions: 83COMMONLIBRARYCODE
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: ExceptionFilterUnhandled$CaptureContextDebuggerEntryFunctionLookupPresentUnwindVirtual
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 1239891234-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: ae2d74aaff6e8c1310ec24f87c3395aa5518f909cdba62f6f822c67f0a9cc142
                                                                                                                                                                                                                                                                                                            • Instruction ID: 300dd730e0cc79b14c32d4f3ee152c6967fd17efc31939cffd16bcc5c11ca1c8
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ae2d74aaff6e8c1310ec24f87c3395aa5518f909cdba62f6f822c67f0a9cc142
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: B1318F36619B8286EB20DF24E8442EEB3A4FF88754F950535EA8D43BA5DF3CE155CB10
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C41874 Relevance: 7.8, APIs: 5, Instructions: 282COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: FileFindFirst_invalid_parameter_noinfo
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 2227656907-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: ee5daded1920a45b930385d49f4c9fb7106de6f00b6358014c2482279c1420ad
                                                                                                                                                                                                                                                                                                            • Instruction ID: 8f47c1df54dd19581ccb3d6a9338177c0f2e1ebd6525b9d334719a93ff1fff84
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ee5daded1920a45b930385d49f4c9fb7106de6f00b6358014c2482279c1420ad
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: B8B1E562B5A68341EA60EB21D4182F9E392FF44BE4F865931DE9D07BE5DE3DF4418310
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C2D010 Relevance: 6.0, APIs: 4, Instructions: 39timethreadCOMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: CurrentTime$CounterFilePerformanceProcessQuerySystemThread
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 2933794660-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: 884c9866f0db1ea4ea3e8c559fd458021c8c8106c035f87ab540984eb8a2d97e
                                                                                                                                                                                                                                                                                                            • Instruction ID: 2af955d0b2bb542ebe79df5e6f97ca2dcd3159eead6ff606bd82a8fd5484383b
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 884c9866f0db1ea4ea3e8c559fd458021c8c8106c035f87ab540984eb8a2d97e
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 56115A26B15F068AEB00EF70E8582B973A4FB59758F850E31DA2D867B4DF7CE1548350
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C43C10 Relevance: 4.8, APIs: 3, Instructions: 340COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: memcpy_s
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 1502251526-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: 723df14fe8405c9280d13974b9e0b256372cd2939c4def8ecbac686ef57d643c
                                                                                                                                                                                                                                                                                                            • Instruction ID: 35082d1f59dfb811fbed20e15c0131e8fa732e1b1683d14f398b04fbb1624316
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 723df14fe8405c9280d13974b9e0b256372cd2939c4def8ecbac686ef57d643c
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: C6C11972B2A68787E724DF15A0486A9F792FB94B84F918534DB4E43754DB3EF801CB40
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C2A474 Relevance: 4.1, Strings: 3, Instructions: 398COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                            • String ID: $header crc mismatch$unknown header flags set
                                                                                                                                                                                                                                                                                                            • API String ID: 0-1127688429
                                                                                                                                                                                                                                                                                                            • Opcode ID: fcf6ea83c7a46010d3591867e81b0f53761d3f113121264a3729654d2d1b513f
                                                                                                                                                                                                                                                                                                            • Instruction ID: 726acf07882b0ae9b6b4954ba0d553da5de66222b797a2dc1ae3710b4637d897
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: fcf6ea83c7a46010d3591867e81b0f53761d3f113121264a3729654d2d1b513f
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 91F19572A057C64BE7A5BF25C088B7ABAA9EF48B40F464934DA4947BE0CB38F540C750
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C49728 Relevance: 3.2, APIs: 2, Instructions: 227COMMONLIBRARYCODE
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: ExceptionRaise_clrfp
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 15204871-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: a4cc0e8a2f7e024105bf8074fef1866164229a93701b52dcf00f6f20498becf3
                                                                                                                                                                                                                                                                                                            • Instruction ID: e39e417d362607e22afa08534a5bdf4acb2511b3599900fb5878603400d8e3ac
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: a4cc0e8a2f7e024105bf8074fef1866164229a93701b52dcf00f6f20498becf3
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: FAB17F73A01B968BE715CF29C84A3A877A1FB44B48F15C925DA5D837B4CB3EE451C710
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C339A4 Relevance: 2.8, Strings: 2, Instructions: 350COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                            • String ID: $
                                                                                                                                                                                                                                                                                                            • API String ID: 0-227171996
                                                                                                                                                                                                                                                                                                            • Opcode ID: e57f1980f4491aea9eb328a1e81193c2bccc9a7e68d1918bb9b7207cf9600634
                                                                                                                                                                                                                                                                                                            • Instruction ID: 221c84269eef0261f0b1983726ec16677671772f18b8dc50b36a61529f79b0f8
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e57f1980f4491aea9eb328a1e81193c2bccc9a7e68d1918bb9b7207cf9600634
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: C7E1D732A2A64342EB6CAF1580501B9F360FF44B48F962A35DA4E077F4DF29F841D762
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C2A2DB Relevance: 2.7, Strings: 2, Instructions: 216COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                            • String ID: incorrect header check$invalid window size
                                                                                                                                                                                                                                                                                                            • API String ID: 0-900081337
                                                                                                                                                                                                                                                                                                            • Opcode ID: 7e7bac63e97a7e962ac1d8bc37368dc0e110af78d4507200a91f80e7c7b94e68
                                                                                                                                                                                                                                                                                                            • Instruction ID: 4e3cca8b9255cd2744c2d212626a1eaddcda1646b360a931d38bf26a39339ea5
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 7e7bac63e97a7e962ac1d8bc37368dc0e110af78d4507200a91f80e7c7b94e68
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 91919972A192C78BE7A4BB25C448BBE7AA9FF48750F524535DA4946BE0CB38F540CB10
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C3DEF0 Relevance: 2.6, Strings: 2, Instructions: 144COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                            • String ID: e+000$gfff
                                                                                                                                                                                                                                                                                                            • API String ID: 0-3030954782
                                                                                                                                                                                                                                                                                                            • Opcode ID: c8a24eaff8c968987b4d031b15ae93849e98bcf9eddb8930961e84febef9b5bc
                                                                                                                                                                                                                                                                                                            • Instruction ID: d0abae027065ffa22cd9c6ff70253a94c13b310d7260f2aef57638202421be91
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: c8a24eaff8c968987b4d031b15ae93849e98bcf9eddb8930961e84febef9b5bc
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 6F517B22B292C246E7289E35A8507A9F791EB44B94F898631CB9847BE1CE7DE0008712
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C3DA5C Relevance: 1.5, Strings: 1, Instructions: 254COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                            • String ID: gfffffff
                                                                                                                                                                                                                                                                                                            • API String ID: 0-1523873471
                                                                                                                                                                                                                                                                                                            • Opcode ID: bcab6200947a377332474fa44b4677218d40dcace4b26705986274372b0e4f91
                                                                                                                                                                                                                                                                                                            • Instruction ID: a9708aab6f57e7081de6d5a9e92d3c81085bab3dcde18716bb2a165a7d621500
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: bcab6200947a377332474fa44b4677218d40dcace4b26705986274372b0e4f91
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: AEA17662B2A7CA46EB29DF25B0007E9FB91AF50B84F429431DE4D477A1DE3DE401C722
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C38794 Relevance: 1.4, Strings: 1, Instructions: 177COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                                                                                                                            • String ID: TMP
                                                                                                                                                                                                                                                                                                            • API String ID: 3215553584-3125297090
                                                                                                                                                                                                                                                                                                            • Opcode ID: 09cdd7cf7fc9e7e425d724a32e8c9d3bd5c12dba7606eca5b930980d9b4d1239
                                                                                                                                                                                                                                                                                                            • Instruction ID: a43eddaf8acb8c6372f3412228a57d28e2e075e6fed177c9965c259ee95ee1f1
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 09cdd7cf7fc9e7e425d724a32e8c9d3bd5c12dba7606eca5b930980d9b4d1239
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7B51A309F2A70341FA5CBA2655012FAD2916F44BD4FCA4834DE4E577F6EE3CF5194222
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C43480 Relevance: 1.3, APIs: 1, Instructions: 7memoryCOMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: HeapProcess
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 54951025-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: 1f9e0516fd534d967cb731c121838b59470578846d262458ea046ba55ab40ebf
                                                                                                                                                                                                                                                                                                            • Instruction ID: 70535cbc5aa8e3435d5443802e1a65dbc93efa3d8dbc33729ea68ae17e63597a
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 1f9e0516fd534d967cb731c121838b59470578846d262458ea046ba55ab40ebf
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 43B09224E07A43C2EA183B216C8A25863B57F48700FDA0538C10C40331DE2C30E55721
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C335A0 Relevance: .3, Instructions: 327COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                            • Opcode ID: 5eca4e5ff3e7205525bf20f3b63783aa462e3e7adb0228d62bb7e98ab9f5e9bb
                                                                                                                                                                                                                                                                                                            • Instruction ID: 5f15e10fbebd0a6ae67ec015b28b18a76e58f6de9b1fb04fd88fb06a96a356b2
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 5eca4e5ff3e7205525bf20f3b63783aa462e3e7adb0228d62bb7e98ab9f5e9bb
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 76D1E962A2A64385EB2CAE2581412BDE3A0BF05B48F962A35DD0D077F5CF3DF445C762
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C29800 Relevance: .3, Instructions: 287COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                            • Opcode ID: e75d751cc15dfd510e55d83c6141b0e8cb11d18cbed01e0c543b372a0114c593
                                                                                                                                                                                                                                                                                                            • Instruction ID: 5281b17f8e999ca24086c441ae013303e24f5e908bbad5c6110fc70ac33ae908
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e75d751cc15dfd510e55d83c6141b0e8cb11d18cbed01e0c543b372a0114c593
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 0AC1AF762181E08BD289EB29E4694BA73D1FB8930DBD5406BEF8747BC5C73CA414DB20
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C32C10 Relevance: .2, Instructions: 241COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                            • Opcode ID: aa73bfa000bc8cd66a05f12d530b76a597660d7bda6a6781f52cf2f49ffced0b
                                                                                                                                                                                                                                                                                                            • Instruction ID: c1bdb696b97d314cb1d578ca2e62c45af8da77371fb9b8fc329d1c668fb1bb48
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: aa73bfa000bc8cd66a05f12d530b76a597660d7bda6a6781f52cf2f49ffced0b
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F4B1C37252974285EB689F39C0401BCFBA0FB49F48FA60535CA5E433A5EF39E441C762
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C3E570 Relevance: .2, Instructions: 198COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                            • Opcode ID: 9611c2e0762efa78d7f6da3d8515592aa8d86601c49200b7335873453b670326
                                                                                                                                                                                                                                                                                                            • Instruction ID: d38edd94fa9968ba67ca772f26f78a47d2bbb2f3f4953f2af7f6540170a74bfe
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 9611c2e0762efa78d7f6da3d8515592aa8d86601c49200b7335873453b670326
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F0811572A2D38246D778EB1990613AAF691FF45794F814635EA8D03BE5DE3CF4008B12
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C46418 Relevance: .2, Instructions: 183COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 3215553584-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: 21aaab296e2e64a79b20cf98ea2699a9ab0529386423cc159892306e5cd43e00
                                                                                                                                                                                                                                                                                                            • Instruction ID: cd9c373c0fcf242ee5e3809139c92b66df17017e01686251be44c46d37b422b1
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 21aaab296e2e64a79b20cf98ea2699a9ab0529386423cc159892306e5cd43e00
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: D3612F21E1A24346FB64A67890586FDD582BF40760F974A39E61D437EDDE7FF8008722
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C32164 Relevance: .1, Instructions: 146COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                            • Opcode ID: 8e69dfdcc94a0aa650623f7423aa354004c1f2fa01d5c1268249020d4c21f447
                                                                                                                                                                                                                                                                                                            • Instruction ID: 266d3af660e78dad3fa8cf18cb913175ab17b2b9a4e4e37e879da0cecfc0e70b
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 8e69dfdcc94a0aa650623f7423aa354004c1f2fa01d5c1268249020d4c21f447
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 9851B336A2965382EB689B29C4402BDF3A0EF54B68F664531CA5C077B4DB3AFC43C751
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C31944 Relevance: .1, Instructions: 146COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                            • Opcode ID: 68a3f5aab59b2fac328bd6ba34d5b1cd1fa94c6914f84dc4a79da3b9d8ff9a98
                                                                                                                                                                                                                                                                                                            • Instruction ID: 521ff2df0898c6e08f928103a7efe5e96274cfad90b7d2bac2a0c9d53f1bfc11
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 68a3f5aab59b2fac328bd6ba34d5b1cd1fa94c6914f84dc4a79da3b9d8ff9a98
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F251A672A266528AE7289B29C0503B8F7A0EF48B58F654531CE8D177B4CB3AF843C751
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C31D54 Relevance: .1, Instructions: 146COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                            • Opcode ID: 27099d1c67046ba5536a5c52bb1b19252402c8bb4a5167aa336477e7b6d5f807
                                                                                                                                                                                                                                                                                                            • Instruction ID: 6c2c329dc2642edee39e68a34668351e3b496d0f2f3db968c1d8ed98263d1858
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 27099d1c67046ba5536a5c52bb1b19252402c8bb4a5167aa336477e7b6d5f807
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: BA518536A3A6538AE7299B29C0442B8F3A0EF49B58F654531CE4D077B4CB3AF853C751
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C31B50 Relevance: .1, Instructions: 145COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                            • Opcode ID: dc981bf603441a130e1c6ba5e96f77be0c3c60e19ec03e3d560a09712d731568
                                                                                                                                                                                                                                                                                                            • Instruction ID: 5266b5cf2cc5d2bae24abb0ee118a80fe571c244b7a95ab8aca78d8948a7d7e7
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: dc981bf603441a130e1c6ba5e96f77be0c3c60e19ec03e3d560a09712d731568
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4251E472A2A6528AE7289B28D0402B8E7A0EF45B5CF655931CE4C077A4DF3AF853C751
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C31F60 Relevance: .1, Instructions: 145COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                            • Opcode ID: e734bc54909bdf7d9c6fd1772be64da5dc64d4f5bf3044a39ac3ba7850561882
                                                                                                                                                                                                                                                                                                            • Instruction ID: 6f2b6d8dc378e66543fc19b3f9e4516a3cab2a6a74cf01b52849d5e13f372ffb
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e734bc54909bdf7d9c6fd1772be64da5dc64d4f5bf3044a39ac3ba7850561882
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: B351A336A3965285EB289B29C0402B8F7A0EF48B58F664531CE4C177B9DB3AF853C751
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C31740 Relevance: .1, Instructions: 145COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                            • Opcode ID: 3943df286285c50b07f09d339b53caaa0afa34ddfac4fad96d8a3f7ffd6ad23b
                                                                                                                                                                                                                                                                                                            • Instruction ID: 1f3f25cfeb3ca6163bfefdef37115935826b2d962f8bae7c4211461a5e1fb731
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 3943df286285c50b07f09d339b53caaa0afa34ddfac4fad96d8a3f7ffd6ad23b
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: AB519636A3965289E7289B29C0402B8F7A1EF45B58F6A4531CE4C177B4CF3AF853C751
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C35D30 Relevance: .1, Instructions: 138COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                            • Opcode ID: dde3b7cfbcf26fc8d7513faefc9a59c4b8821272907dfbb35b6db6355186da00
                                                                                                                                                                                                                                                                                                            • Instruction ID: 569313a9781e61e6a46a3b1c4de7bc9fe193e64be874166fda390422305f6376
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: dde3b7cfbcf26fc8d7513faefc9a59c4b8821272907dfbb35b6db6355186da00
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 9541B662C2F78B05E9ADA91C060C6F4E7809F127A0DDA5AB4DD9D173F7CD0D7686C122
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C39EA0 Relevance: .1, Instructions: 126COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: ErrorFreeHeapLast
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 485612231-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: 1c7003d4bfacf113f63307708dabd17e5ede6cda44dccf6aa27d02a6b9ea0481
                                                                                                                                                                                                                                                                                                            • Instruction ID: de6ae7e10055446c45945cf33f4af10b43048affeb47592ef5f74271249690cf
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 1c7003d4bfacf113f63307708dabd17e5ede6cda44dccf6aa27d02a6b9ea0481
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 2B41FB32725A5682EF08DF6AD9541B9F391FB48FD0B8A9436DE0D97B64DE3DE0418300
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C380E4 Relevance: .1, Instructions: 98COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                            • Opcode ID: 2b8cddb4ee5dd57f1c7573491c8f445712dd312cb7e9e547cfd0f9c072f4c0c7
                                                                                                                                                                                                                                                                                                            • Instruction ID: 3e952567e8cd4f0a55652efdfb4e314c783fb8bc6b71fce780a72a22202ab184
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 2b8cddb4ee5dd57f1c7573491c8f445712dd312cb7e9e547cfd0f9c072f4c0c7
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 8331E33272AB4341E668AF2164401AEF6D5AF84B90F954638EA4D53BE5DF3CE1028715
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C49570 Relevance: .0, Instructions: 32COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                            • Opcode ID: 5d3ac10822f6242d2b374fc0e1218152d8e80c351f0dfcd4fab21387456caa74
                                                                                                                                                                                                                                                                                                            • Instruction ID: e21272b692ac21e1d44241564d284bfa2d2bac4031322e0361c4ba8c882965ce
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 5d3ac10822f6242d2b374fc0e1218152d8e80c351f0dfcd4fab21387456caa74
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 33F0C871B192928BDBA89F68A40266977D0FB483C0F80D439D58C83B24CA3CD0528F14
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C2D30C Relevance: .0, Instructions: 2COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                            • Opcode ID: 3c3909751b2697c6481bc0460501d6177e5cf72f77169ad8285d6e0cd944102a
                                                                                                                                                                                                                                                                                                            • Instruction ID: a9f260b32996622368bf36df0fd1ad8d25f25dac7b72840162ef4543f9930db1
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 3c3909751b2697c6481bc0460501d6177e5cf72f77169ad8285d6e0cd944102a
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 5EA00221D0ED0BD0E654FB20E8981B5A331FF68300BD20831E00E516B69F7DB804D321
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C25830 Relevance: 229.6, APIs: 86, Strings: 45, Instructions: 400libraryloaderCOMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            • GetProcAddress.KERNEL32(?,00007FF7A0C264CF,?,00007FF7A0C2336E), ref: 00007FF7A0C25840
                                                                                                                                                                                                                                                                                                            • GetLastError.KERNEL32(?,00007FF7A0C264CF,?,00007FF7A0C2336E), ref: 00007FF7A0C25852
                                                                                                                                                                                                                                                                                                            • GetProcAddress.KERNEL32(?,00007FF7A0C264CF,?,00007FF7A0C2336E), ref: 00007FF7A0C25889
                                                                                                                                                                                                                                                                                                            • GetLastError.KERNEL32(?,00007FF7A0C264CF,?,00007FF7A0C2336E), ref: 00007FF7A0C2589B
                                                                                                                                                                                                                                                                                                            • GetProcAddress.KERNEL32(?,00007FF7A0C264CF,?,00007FF7A0C2336E), ref: 00007FF7A0C258B4
                                                                                                                                                                                                                                                                                                            • GetLastError.KERNEL32(?,00007FF7A0C264CF,?,00007FF7A0C2336E), ref: 00007FF7A0C258C6
                                                                                                                                                                                                                                                                                                            • GetProcAddress.KERNEL32(?,00007FF7A0C264CF,?,00007FF7A0C2336E), ref: 00007FF7A0C258DF
                                                                                                                                                                                                                                                                                                            • GetLastError.KERNEL32(?,00007FF7A0C264CF,?,00007FF7A0C2336E), ref: 00007FF7A0C258F1
                                                                                                                                                                                                                                                                                                            • GetProcAddress.KERNEL32(?,00007FF7A0C264CF,?,00007FF7A0C2336E), ref: 00007FF7A0C2590D
                                                                                                                                                                                                                                                                                                            • GetLastError.KERNEL32(?,00007FF7A0C264CF,?,00007FF7A0C2336E), ref: 00007FF7A0C2591F
                                                                                                                                                                                                                                                                                                            • GetProcAddress.KERNEL32(?,00007FF7A0C264CF,?,00007FF7A0C2336E), ref: 00007FF7A0C2593B
                                                                                                                                                                                                                                                                                                            • GetLastError.KERNEL32(?,00007FF7A0C264CF,?,00007FF7A0C2336E), ref: 00007FF7A0C2594D
                                                                                                                                                                                                                                                                                                            • GetProcAddress.KERNEL32(?,00007FF7A0C264CF,?,00007FF7A0C2336E), ref: 00007FF7A0C25969
                                                                                                                                                                                                                                                                                                            • GetLastError.KERNEL32(?,00007FF7A0C264CF,?,00007FF7A0C2336E), ref: 00007FF7A0C2597B
                                                                                                                                                                                                                                                                                                            • GetProcAddress.KERNEL32(?,00007FF7A0C264CF,?,00007FF7A0C2336E), ref: 00007FF7A0C25997
                                                                                                                                                                                                                                                                                                            • GetLastError.KERNEL32(?,00007FF7A0C264CF,?,00007FF7A0C2336E), ref: 00007FF7A0C259A9
                                                                                                                                                                                                                                                                                                            • GetProcAddress.KERNEL32(?,00007FF7A0C264CF,?,00007FF7A0C2336E), ref: 00007FF7A0C259C5
                                                                                                                                                                                                                                                                                                            • GetLastError.KERNEL32(?,00007FF7A0C264CF,?,00007FF7A0C2336E), ref: 00007FF7A0C259D7
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: AddressErrorLastProc
                                                                                                                                                                                                                                                                                                            • String ID: Failed to get address for %hs$GetProcAddress$PyConfig_Clear$PyConfig_InitIsolatedConfig$PyConfig_Read$PyConfig_SetBytesString$PyConfig_SetString$PyConfig_SetWideStringList$PyErr_Clear$PyErr_Fetch$PyErr_NormalizeException$PyErr_Occurred$PyErr_Print$PyErr_Restore$PyEval_EvalCode$PyImport_AddModule$PyImport_ExecCodeModule$PyImport_ImportModule$PyMarshal_ReadObjectFromString$PyMem_RawFree$PyModule_GetDict$PyObject_CallFunction$PyObject_CallFunctionObjArgs$PyObject_GetAttrString$PyObject_SetAttrString$PyObject_Str$PyPreConfig_InitIsolatedConfig$PyRun_SimpleStringFlags$PyStatus_Exception$PySys_GetObject$PySys_SetObject$PyUnicode_AsUTF8$PyUnicode_Decode$PyUnicode_DecodeFSDefault$PyUnicode_FromFormat$PyUnicode_FromString$PyUnicode_Join$PyUnicode_Replace$Py_DecRef$Py_DecodeLocale$Py_ExitStatusException$Py_Finalize$Py_InitializeFromConfig$Py_IsInitialized$Py_PreInitialize
                                                                                                                                                                                                                                                                                                            • API String ID: 199729137-653951865
                                                                                                                                                                                                                                                                                                            • Opcode ID: a72b1b0889ffc37889110ad0e4f068dcb4eb8b0bbe2e77bf2d8672c26fae6e03
                                                                                                                                                                                                                                                                                                            • Instruction ID: d9a7490e08c8789a4b7033e7c457f5daa0a9d00f6472c95c89b3bd138d3127c2
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: a72b1b0889ffc37889110ad0e4f068dcb4eb8b0bbe2e77bf2d8672c26fae6e03
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 0F22CC64E0BB0791FA55BB65A8585F6A2A2BF08746FC71C35C81E027B1FF7EB1449230
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C281D0 Relevance: 24.6, APIs: 6, Strings: 8, Instructions: 117COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                              • Part of subcall function 00007FF7A0C29390: MultiByteToWideChar.KERNEL32(?,?,?,00007FF7A0C245F4,00000000,00007FF7A0C21985), ref: 00007FF7A0C293C9
                                                                                                                                                                                                                                                                                                            • ExpandEnvironmentStringsW.KERNEL32(?,00007FF7A0C286B7,?,?,00000000,00007FF7A0C23CBB), ref: 00007FF7A0C2822C
                                                                                                                                                                                                                                                                                                              • Part of subcall function 00007FF7A0C22810: MessageBoxW.USER32 ref: 00007FF7A0C228EA
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: ByteCharEnvironmentExpandMessageMultiStringsWide
                                                                                                                                                                                                                                                                                                            • String ID: %.*s$CreateDirectory$LOADER: failed to convert runtime-tmpdir to a wide string.$LOADER: failed to create runtime-tmpdir path %ls!$LOADER: failed to expand environment variables in the runtime-tmpdir.$LOADER: failed to obtain the absolute path of the runtime-tmpdir.$LOADER: runtime-tmpdir points to non-existent drive %ls (type: %d)!$\
                                                                                                                                                                                                                                                                                                            • API String ID: 1662231829-930877121
                                                                                                                                                                                                                                                                                                            • Opcode ID: 9187bed43bf71c5340eadf58a1920dd2feb36a2730cc38c17813087cef3183ed
                                                                                                                                                                                                                                                                                                            • Instruction ID: 6c537215c45039fb5d3440ec8b358b33ef074aaaa05422ca639c488c238221af
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 9187bed43bf71c5340eadf58a1920dd2feb36a2730cc38c17813087cef3183ed
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: E1515421A2B64391FA54FB35D8552FAE251BF98780FC64C31D60E42BF5EE2CF5048760
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C22180 Relevance: 17.6, APIs: 9, Strings: 1, Instructions: 120COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: MoveWindow$ObjectSelect$DrawReleaseText
                                                                                                                                                                                                                                                                                                            • String ID: P%
                                                                                                                                                                                                                                                                                                            • API String ID: 2147705588-2959514604
                                                                                                                                                                                                                                                                                                            • Opcode ID: 044398bc2faddcfc72e28419b1c607044beef288ba0900b5e0371f537bcab75f
                                                                                                                                                                                                                                                                                                            • Instruction ID: 8a119bccb1eced48af6443c9e4ef596c85a9c47d713e5179922e18a0bf6ca3e7
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 044398bc2faddcfc72e28419b1c607044beef288ba0900b5e0371f537bcab75f
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: A551E7266057A286D634AF36E4181BAF7A1FB98B61F004121EBDE43795DF3CE045DB20
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C280C0 Relevance: 17.6, APIs: 9, Strings: 1, Instructions: 67COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: LongWindow$BlockCreateErrorLastReasonShutdown
                                                                                                                                                                                                                                                                                                            • String ID: Needs to remove its temporary files.
                                                                                                                                                                                                                                                                                                            • API String ID: 3975851968-2863640275
                                                                                                                                                                                                                                                                                                            • Opcode ID: fca9629812ae98fc4dea80e51924cd1fa5b6a95a0379263e815d251d6ca0a567
                                                                                                                                                                                                                                                                                                            • Instruction ID: 66f8335a4ca638564a67118e3c11fb46579fb3cac4aa9e30c69e7074a9148b07
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: fca9629812ae98fc4dea80e51924cd1fa5b6a95a0379263e815d251d6ca0a567
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 6121A821B0BA4381E7417B7AA8581BDE251FF88B90F9A5530DA1D437F6DE2CF5958220
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C36290 Relevance: 14.5, APIs: 3, Strings: 5, Instructions: 494COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                                                                                                                            • String ID: -$:$f$p$p
                                                                                                                                                                                                                                                                                                            • API String ID: 3215553584-2013873522
                                                                                                                                                                                                                                                                                                            • Opcode ID: 75ce3dd5e90789a751ac91fed3db50e3550f512a2f4dec46f6fb30c565ad9a60
                                                                                                                                                                                                                                                                                                            • Instruction ID: 8c6302fd88bd23905d983e419cc08e7f0fe72a3e55a3b53d9c4dffcd09e3868a
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 75ce3dd5e90789a751ac91fed3db50e3550f512a2f4dec46f6fb30c565ad9a60
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: C512A161E2A24386FB68BA14D1142F9F6A1FF40754FC6C935E689077E4DB3CF5808B26
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C30FC8 Relevance: 14.5, APIs: 3, Strings: 5, Instructions: 475COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                                                                                                                            • String ID: f$f$p$p$f
                                                                                                                                                                                                                                                                                                            • API String ID: 3215553584-1325933183
                                                                                                                                                                                                                                                                                                            • Opcode ID: efdc55b57c7b5823aa39a5abe82f144bbffe385c3037011f7a836833ec2ff017
                                                                                                                                                                                                                                                                                                            • Instruction ID: 7417040f52e99c832d94c14530a464163d2df6a16f760ce2c1da151029dd0ced
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: efdc55b57c7b5823aa39a5abe82f144bbffe385c3037011f7a836833ec2ff017
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 89127662E2E14389FB687A15D0546F9F6A1FF80750FC64835EA99477E4DB3CF4808B22
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C21050 Relevance: 14.1, APIs: 1, Strings: 7, Instructions: 119COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: CurrentProcess
                                                                                                                                                                                                                                                                                                            • String ID: Failed to extract %s: failed to allocate data buffer (%u bytes)!$Failed to extract %s: failed to open archive file!$Failed to extract %s: failed to read data chunk!$Failed to extract %s: failed to seek to the entry's data!$fread$fseek$malloc
                                                                                                                                                                                                                                                                                                            • API String ID: 2050909247-3659356012
                                                                                                                                                                                                                                                                                                            • Opcode ID: 57d5c47146b980865e4ccb9d1bfbb1f6883f3dcc8a38dd42a855323e8fdcf1fe
                                                                                                                                                                                                                                                                                                            • Instruction ID: 11f39a614596cddb1dd8908a4716a34e2da60afb1825a0d97783a0ebf792c0f2
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 57d5c47146b980865e4ccb9d1bfbb1f6883f3dcc8a38dd42a855323e8fdcf1fe
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: D341A421B1A65382EA04FB6198046F9E395BF58BC4FC64C32EE4C07BA6DE3CF5418760
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C21470 Relevance: 14.1, APIs: 1, Strings: 7, Instructions: 107COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: CurrentProcess
                                                                                                                                                                                                                                                                                                            • String ID: Failed to extract %s: failed to allocate data buffer (%u bytes)!$Failed to extract %s: failed to open archive file!$Failed to extract %s: failed to read data chunk!$Failed to extract %s: failed to seek to the entry's data!$fread$fseek$malloc
                                                                                                                                                                                                                                                                                                            • API String ID: 2050909247-3659356012
                                                                                                                                                                                                                                                                                                            • Opcode ID: 02d3f8f716c828aaa8ee005d48c682f9a98f25bad0199aa1a2d1c24a0b52094f
                                                                                                                                                                                                                                                                                                            • Instruction ID: 2d57bf9cdbda707dd9341bcc5f755a0c8de4d9374b762345064f41d628d21d25
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 02d3f8f716c828aaa8ee005d48c682f9a98f25bad0199aa1a2d1c24a0b52094f
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 06418F22A1A64396EA10FB3194001F9E391BF98794FC64C32ED4D07BBADE3CF5428720
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C2EA08 Relevance: 12.6, APIs: 4, Strings: 3, Instructions: 310COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: BlockFrameHandler3::Unwind$CatchExecutionHandlerIs_bad_exception_allowedSearchStatestd::bad_alloc::bad_alloc
                                                                                                                                                                                                                                                                                                            • String ID: csm$csm$csm
                                                                                                                                                                                                                                                                                                            • API String ID: 849930591-393685449
                                                                                                                                                                                                                                                                                                            • Opcode ID: aab7c7e636ea8a2572919ef13f94062ff4905efd63cd4babadd9079b892b9703
                                                                                                                                                                                                                                                                                                            • Instruction ID: c1680db7775c85e2af6a79a56159d3cc14831bb67bd1e8afaf7ffe01dabe64ec
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: aab7c7e636ea8a2572919ef13f94062ff4905efd63cd4babadd9079b892b9703
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 48D17D32A0974286EB20BB7594503EDB7A4FF59788F920935DA4D67BA5CF38F091C710
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C22C50 Relevance: 12.4, APIs: 3, Strings: 4, Instructions: 104windowCOMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            • GetCurrentProcessId.KERNEL32(?,?,?,?,?,?,?,?,00007FF7A0C23706,?,00007FF7A0C23804), ref: 00007FF7A0C22C9E
                                                                                                                                                                                                                                                                                                            • FormatMessageW.KERNEL32(?,?,?,?,?,?,?,?,00007FF7A0C23706,?,00007FF7A0C23804), ref: 00007FF7A0C22D63
                                                                                                                                                                                                                                                                                                            • MessageBoxW.USER32 ref: 00007FF7A0C22D99
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: Message$CurrentFormatProcess
                                                                                                                                                                                                                                                                                                            • String ID: %ls: $<FormatMessageW failed.>$Error$[PYI-%d:ERROR]
                                                                                                                                                                                                                                                                                                            • API String ID: 3940978338-251083826
                                                                                                                                                                                                                                                                                                            • Opcode ID: c67c27f58c2af476bbbd059d0433c12e6f67668a4e3ecf6e42cf1bc8669f0b6b
                                                                                                                                                                                                                                                                                                            • Instruction ID: 73effb7c907028e18814893b7b8cbb4b0b932d76e1b9f3381eece6d0edea6088
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: c67c27f58c2af476bbbd059d0433c12e6f67668a4e3ecf6e42cf1bc8669f0b6b
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 0B31DA32709A4252E720BB25B8542EBA691BF887D8F820535EF4D53B69EF3CF546C310
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C2DCC8 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 88libraryloaderCOMMONLIBRARYCODE
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            • LoadLibraryExW.KERNEL32(?,?,?,00007FF7A0C2DF7A,?,?,?,00007FF7A0C2DC6C,?,?,?,00007FF7A0C2D869), ref: 00007FF7A0C2DD4D
                                                                                                                                                                                                                                                                                                            • GetLastError.KERNEL32(?,?,?,00007FF7A0C2DF7A,?,?,?,00007FF7A0C2DC6C,?,?,?,00007FF7A0C2D869), ref: 00007FF7A0C2DD5B
                                                                                                                                                                                                                                                                                                            • LoadLibraryExW.KERNEL32(?,?,?,00007FF7A0C2DF7A,?,?,?,00007FF7A0C2DC6C,?,?,?,00007FF7A0C2D869), ref: 00007FF7A0C2DD85
                                                                                                                                                                                                                                                                                                            • FreeLibrary.KERNEL32(?,?,?,00007FF7A0C2DF7A,?,?,?,00007FF7A0C2DC6C,?,?,?,00007FF7A0C2D869), ref: 00007FF7A0C2DDF3
                                                                                                                                                                                                                                                                                                            • GetProcAddress.KERNEL32(?,?,?,00007FF7A0C2DF7A,?,?,?,00007FF7A0C2DC6C,?,?,?,00007FF7A0C2D869), ref: 00007FF7A0C2DDFF
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: Library$Load$AddressErrorFreeLastProc
                                                                                                                                                                                                                                                                                                            • String ID: api-ms-
                                                                                                                                                                                                                                                                                                            • API String ID: 2559590344-2084034818
                                                                                                                                                                                                                                                                                                            • Opcode ID: 276526191d17588ee9fa22b972cdf0953455baf5c8a53fb276b347519b5968a9
                                                                                                                                                                                                                                                                                                            • Instruction ID: 89418a843fe448942d7d1619bdc09b69110d544a68418c44912d96aef2a7512d
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 276526191d17588ee9fa22b972cdf0953455baf5c8a53fb276b347519b5968a9
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F1319021B1BB4391EE11BB26A4006F5A394FF5CBA4F9A4935ED1D07BA5EE3CF4448230
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C26360 Relevance: 10.6, APIs: 1, Strings: 6, Instructions: 82COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: CurrentProcess
                                                                                                                                                                                                                                                                                                            • String ID: Failed to load Python DLL '%ls'.$LoadLibrary$Path of Python shared library (%s) and its name (%s) exceed buffer size (%d)$Path of ucrtbase.dll (%s) and its name exceed buffer size (%d)$Reported length (%d) of Python shared library name (%s) exceeds buffer size (%d)$ucrtbase.dll
                                                                                                                                                                                                                                                                                                            • API String ID: 2050909247-2434346643
                                                                                                                                                                                                                                                                                                            • Opcode ID: 2df6df0904ecf2e68063807813f252f2c523520ae69ca8fe89000ee1ae80a761
                                                                                                                                                                                                                                                                                                            • Instruction ID: 0b179e741f40fdb6b1331299cfac110cf83287f53de19e07a44014284d82963c
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 2df6df0904ecf2e68063807813f252f2c523520ae69ca8fe89000ee1ae80a761
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 6F416221A1AA8791EA15FB34E4552E9A311FF58784FC10932DA9C43BB5EF3CF505C760
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C22A50 Relevance: 10.6, APIs: 1, Strings: 5, Instructions: 64COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            • GetCurrentProcessId.KERNEL32(00000000,?,?,?,00000000,00007FF7A0C2351A,?,00000000,00007FF7A0C23F23), ref: 00007FF7A0C22AA0
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: CurrentProcess
                                                                                                                                                                                                                                                                                                            • String ID: 0$WARNING$Warning$Warning [ANSI Fallback]$[PYI-%d:%s]
                                                                                                                                                                                                                                                                                                            • API String ID: 2050909247-2900015858
                                                                                                                                                                                                                                                                                                            • Opcode ID: d3ff72078d09a899d0ca032b5bdbc8691629937d026b54217f09319e947088a3
                                                                                                                                                                                                                                                                                                            • Instruction ID: c1ebeb659a4b0b7483fd2b871d10cbf38baea1d0e69106e5f24213acc1b5f6e7
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d3ff72078d09a899d0ca032b5bdbc8691629937d026b54217f09319e947088a3
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 3A218332A1A78292E720AB61F4857E6B394FF887C4F810535FE8C43B69DF7CE1458650
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C3B150 Relevance: 10.6, APIs: 7, Instructions: 62COMMONLIBRARYCODE
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: Value$ErrorLast
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 2506987500-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: a42b9cf7ed1ffe71ebcf97f5a72f2c90d2921d4b6bb9ef7954fc9d2fe8c6feaf
                                                                                                                                                                                                                                                                                                            • Instruction ID: ffd737f332fffa560d4cac39eca2d73ee6dc05053d86c6affc1cc110dc23a480
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: a42b9cf7ed1ffe71ebcf97f5a72f2c90d2921d4b6bb9ef7954fc9d2fe8c6feaf
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 85214F24A2E64341F96C732596651FEE2429F44BB0F864F34DA3E467F7DD2CB4114722
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C47D6C Relevance: 10.5, APIs: 5, Strings: 1, Instructions: 48fileCOMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: ConsoleWrite$CloseCreateErrorFileHandleLast
                                                                                                                                                                                                                                                                                                            • String ID: CONOUT$
                                                                                                                                                                                                                                                                                                            • API String ID: 3230265001-3130406586
                                                                                                                                                                                                                                                                                                            • Opcode ID: 3755c2f75cb97972cd4ab37a7e27d28fd0bf6f95a56d27d10542fc75f089f0eb
                                                                                                                                                                                                                                                                                                            • Instruction ID: d8531717522e5691214876a22e10b7778bd4622ca2c4477775b6f0bfcf677030
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 3755c2f75cb97972cd4ab37a7e27d28fd0bf6f95a56d27d10542fc75f089f0eb
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: A511D621B19A4286E750AB16F858379A3A1FF88BE4F410B34D95D877B4CF7DF4048710
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C28ED0 Relevance: 9.1, APIs: 6, Instructions: 121COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            • GetCurrentProcess.KERNEL32(?,FFFFFFFF,00000000,00007FF7A0C23FB1), ref: 00007FF7A0C28EFD
                                                                                                                                                                                                                                                                                                            • K32EnumProcessModules.KERNEL32(?,FFFFFFFF,00000000,00007FF7A0C23FB1), ref: 00007FF7A0C28F5A
                                                                                                                                                                                                                                                                                                              • Part of subcall function 00007FF7A0C29390: MultiByteToWideChar.KERNEL32(?,?,?,00007FF7A0C245F4,00000000,00007FF7A0C21985), ref: 00007FF7A0C293C9
                                                                                                                                                                                                                                                                                                            • K32GetModuleFileNameExW.KERNEL32(?,FFFFFFFF,00000000,00007FF7A0C23FB1), ref: 00007FF7A0C28FE5
                                                                                                                                                                                                                                                                                                            • K32GetModuleFileNameExW.KERNEL32(?,FFFFFFFF,00000000,00007FF7A0C23FB1), ref: 00007FF7A0C29044
                                                                                                                                                                                                                                                                                                            • FreeLibrary.KERNEL32(?,FFFFFFFF,00000000,00007FF7A0C23FB1), ref: 00007FF7A0C29055
                                                                                                                                                                                                                                                                                                            • FreeLibrary.KERNEL32(?,FFFFFFFF,00000000,00007FF7A0C23FB1), ref: 00007FF7A0C2906A
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: FileFreeLibraryModuleNameProcess$ByteCharCurrentEnumModulesMultiWide
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 3462794448-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: 0184f5a771bb2c28f933eba3e4018dda16e38d059dd6d010c17659477659ba58
                                                                                                                                                                                                                                                                                                            • Instruction ID: 31fa58a5d9e0736b41c32475f3734a92f5b7443e85d99ac3974414f45ed4ae60
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 0184f5a771bb2c28f933eba3e4018dda16e38d059dd6d010c17659477659ba58
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 0E416461A1A68741EA30BB21A5502FAA394FF8DB84F864535DF4D57BA9DE3CF500C710
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C3B2C8 Relevance: 9.1, APIs: 6, Instructions: 57COMMONLIBRARYCODE
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            • GetLastError.KERNEL32(?,?,?,00007FF7A0C34F11,?,?,?,?,00007FF7A0C3A48A,?,?,?,?,00007FF7A0C3718F), ref: 00007FF7A0C3B2D7
                                                                                                                                                                                                                                                                                                            • FlsSetValue.KERNEL32(?,?,?,00007FF7A0C34F11,?,?,?,?,00007FF7A0C3A48A,?,?,?,?,00007FF7A0C3718F), ref: 00007FF7A0C3B30D
                                                                                                                                                                                                                                                                                                            • FlsSetValue.KERNEL32(?,?,?,00007FF7A0C34F11,?,?,?,?,00007FF7A0C3A48A,?,?,?,?,00007FF7A0C3718F), ref: 00007FF7A0C3B33A
                                                                                                                                                                                                                                                                                                            • FlsSetValue.KERNEL32(?,?,?,00007FF7A0C34F11,?,?,?,?,00007FF7A0C3A48A,?,?,?,?,00007FF7A0C3718F), ref: 00007FF7A0C3B34B
                                                                                                                                                                                                                                                                                                            • FlsSetValue.KERNEL32(?,?,?,00007FF7A0C34F11,?,?,?,?,00007FF7A0C3A48A,?,?,?,?,00007FF7A0C3718F), ref: 00007FF7A0C3B35C
                                                                                                                                                                                                                                                                                                            • SetLastError.KERNEL32(?,?,?,00007FF7A0C34F11,?,?,?,?,00007FF7A0C3A48A,?,?,?,?,00007FF7A0C3718F), ref: 00007FF7A0C3B377
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: Value$ErrorLast
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 2506987500-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: 1c08c83365d44066401784e1b70b71c7670d14ff4fb682678828c33d1612b477
                                                                                                                                                                                                                                                                                                            • Instruction ID: 20d3c0ee7f0fe8be38a3895788d3f7c5111ff353292385818e9218474a35c194
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 1c08c83365d44066401784e1b70b71c7670d14ff4fb682678828c33d1612b477
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 25115E20A2EA5382FA9CB72556511FDE1429F44BB0F864F34D92E477F7DE2CB4114322
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C22910 Relevance: 8.8, APIs: 1, Strings: 4, Instructions: 86COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            • GetCurrentProcessId.KERNEL32(?,?,?,?,00000000,00000000,?,00000000,00007FF7A0C21B6A), ref: 00007FF7A0C2295E
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: CurrentProcess
                                                                                                                                                                                                                                                                                                            • String ID: %s: %s$Error$Error [ANSI Fallback]$[PYI-%d:ERROR]
                                                                                                                                                                                                                                                                                                            • API String ID: 2050909247-2962405886
                                                                                                                                                                                                                                                                                                            • Opcode ID: b3354eec44a94607d33eb4f3788ab89374ba031f66333e1b118589dca889f3f3
                                                                                                                                                                                                                                                                                                            • Instruction ID: 0bb274a527b98a9288e9b108aab3467811184af40c100eaea77d0da477687922
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: b3354eec44a94607d33eb4f3788ab89374ba031f66333e1b118589dca889f3f3
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 9F31EA22B1A68252E710B765A8406E7E295BF887D4F820531FE8D83B69EF7CF546C210
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C22390 Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 81windowCOMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: DeleteDestroyDialogHandleIconIndirectModuleObjectParam
                                                                                                                                                                                                                                                                                                            • String ID: Unhandled exception in script
                                                                                                                                                                                                                                                                                                            • API String ID: 3081866767-2699770090
                                                                                                                                                                                                                                                                                                            • Opcode ID: 851ce5d4a208b56cb63585478e484d0f9d6918564d04618497f061aba15d8534
                                                                                                                                                                                                                                                                                                            • Instruction ID: a51ed569a35807d207ce8d5518295ca67ec357ffd56ae854ab3d9e76355803e0
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 851ce5d4a208b56cb63585478e484d0f9d6918564d04618497f061aba15d8534
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 0131837261AA8385EB24FF61E8552FAA361FF88784F850535EA4D47B6ADF3CE100C711
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C22B50 Relevance: 8.8, APIs: 2, Strings: 3, Instructions: 65windowCOMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            • GetCurrentProcessId.KERNEL32(?,00000000,00000000,FFFFFFFF,00000000,00007FF7A0C2918F,?,00007FF7A0C23C55), ref: 00007FF7A0C22BA0
                                                                                                                                                                                                                                                                                                            • MessageBoxW.USER32 ref: 00007FF7A0C22C2A
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: CurrentMessageProcess
                                                                                                                                                                                                                                                                                                            • String ID: WARNING$Warning$[PYI-%d:%ls]
                                                                                                                                                                                                                                                                                                            • API String ID: 1672936522-3797743490
                                                                                                                                                                                                                                                                                                            • Opcode ID: 4a0b6e8ebe13cae449087f655af1d2523953ec7fd560ce9a50e7097f48d063a1
                                                                                                                                                                                                                                                                                                            • Instruction ID: eff686c367866611b13f4d62b7b9cc0c2180a8e4574156952ff7a0dde5435046
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 4a0b6e8ebe13cae449087f655af1d2523953ec7fd560ce9a50e7097f48d063a1
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 9721D322B09B4252E710AB24F4847EAB364FF88784F810535EE8D53B6ADE3CE205C750
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C22710 Relevance: 8.8, APIs: 1, Strings: 4, Instructions: 64COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            • GetCurrentProcessId.KERNEL32(?,00000000,00000000,?,00000000,00007FF7A0C21B99), ref: 00007FF7A0C22760
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: CurrentProcess
                                                                                                                                                                                                                                                                                                            • String ID: ERROR$Error$Error [ANSI Fallback]$[PYI-%d:%s]
                                                                                                                                                                                                                                                                                                            • API String ID: 2050909247-1591803126
                                                                                                                                                                                                                                                                                                            • Opcode ID: a4fe537d534c2fb53088f6f6b76b448a80ccad2508d4dc842b27f1a8247accfc
                                                                                                                                                                                                                                                                                                            • Instruction ID: 57432c9305f9365593f214d3be7e79b5c90ed4459275fec10d6e1fef2c22fe61
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: a4fe537d534c2fb53088f6f6b76b448a80ccad2508d4dc842b27f1a8247accfc
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 5B218332A1A78252E710AB61F4857E6A394FF887C4F810535FE8C43B69DF7CE1458750
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C39A88 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 27libraryloaderCOMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: AddressFreeHandleLibraryModuleProc
                                                                                                                                                                                                                                                                                                            • String ID: CorExitProcess$mscoree.dll
                                                                                                                                                                                                                                                                                                            • API String ID: 4061214504-1276376045
                                                                                                                                                                                                                                                                                                            • Opcode ID: b239dd027a539e56a716c05e535b4da9cb8e2339e08a4dc57142401ef2416000
                                                                                                                                                                                                                                                                                                            • Instruction ID: 6df8870a6d1b1f2b55bc2e119576f35f2051bdb4f17c8321d8cac51ccce6a69e
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: b239dd027a539e56a716c05e535b4da9cb8e2339e08a4dc57142401ef2416000
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F8F0AF61B1A60782EA24AB20A4483BAE360FF49761F850A35DA6E463F4DF2DF044D320
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C49368 Relevance: 7.6, APIs: 5, Instructions: 56COMMONLIBRARYCODE
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: _set_statfp
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 1156100317-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: bce21d2362216a5e504affcf34f2858e363de54600403cac3d1eeb36cb2ab404
                                                                                                                                                                                                                                                                                                            • Instruction ID: 58a257724a657ae1c001abf599d018cc7fd8d1a33fb1a56cddef93ad5704dfac
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: bce21d2362216a5e504affcf34f2858e363de54600403cac3d1eeb36cb2ab404
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: E5118622D5DA2303FA543555E49D3F99052FF5A360F86CE34EA6F163FA8E6E78414130
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C3B390 Relevance: 7.6, APIs: 5, Instructions: 54COMMONLIBRARYCODE
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            • FlsGetValue.KERNEL32(?,?,?,00007FF7A0C3A5A3,?,?,00000000,00007FF7A0C3A83E,?,?,?,?,?,00007FF7A0C3A7CA), ref: 00007FF7A0C3B3AF
                                                                                                                                                                                                                                                                                                            • FlsSetValue.KERNEL32(?,?,?,00007FF7A0C3A5A3,?,?,00000000,00007FF7A0C3A83E,?,?,?,?,?,00007FF7A0C3A7CA), ref: 00007FF7A0C3B3CE
                                                                                                                                                                                                                                                                                                            • FlsSetValue.KERNEL32(?,?,?,00007FF7A0C3A5A3,?,?,00000000,00007FF7A0C3A83E,?,?,?,?,?,00007FF7A0C3A7CA), ref: 00007FF7A0C3B3F6
                                                                                                                                                                                                                                                                                                            • FlsSetValue.KERNEL32(?,?,?,00007FF7A0C3A5A3,?,?,00000000,00007FF7A0C3A83E,?,?,?,?,?,00007FF7A0C3A7CA), ref: 00007FF7A0C3B407
                                                                                                                                                                                                                                                                                                            • FlsSetValue.KERNEL32(?,?,?,00007FF7A0C3A5A3,?,?,00000000,00007FF7A0C3A83E,?,?,?,?,?,00007FF7A0C3A7CA), ref: 00007FF7A0C3B418
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: Value
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 3702945584-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: 44f6b3e63c936746b9124b5af5da9c753e88c88086b63197a25bc1506e4861c0
                                                                                                                                                                                                                                                                                                            • Instruction ID: c25808635ad2aaf508d07ba9642770cdafb356c2e85025d12e358f9e7965c7d1
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 44f6b3e63c936746b9124b5af5da9c753e88c88086b63197a25bc1506e4861c0
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 28110020E1AA4341F95CB72556512FDE1419F447B0FCA4F34E92D467F7DE2CB4524222
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C3B224 Relevance: 7.6, APIs: 5, Instructions: 50COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: Value
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 3702945584-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: 92671db20a050c4f2636db97a8291f7b9cbb2c044339a59ef12305351f814945
                                                                                                                                                                                                                                                                                                            • Instruction ID: c7701ed0a72d2e37f79c4a6d67b6d1ac919a413cc43387db6a03e57fdb29a07d
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 92671db20a050c4f2636db97a8291f7b9cbb2c044339a59ef12305351f814945
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 82110320A2BA0741F96CB26545211FEE2428F45730F8A4F34DA3E4A7F3DD2DB4514232
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C35FA0 Relevance: 7.2, APIs: 3, Strings: 1, Instructions: 242COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                                                                                                                            • String ID: verbose
                                                                                                                                                                                                                                                                                                            • API String ID: 3215553584-579935070
                                                                                                                                                                                                                                                                                                            • Opcode ID: 8c3a45f75ca5c0a3459ca2e96ae2fbbf181a3d63a640e770f0a7cf37c7606cec
                                                                                                                                                                                                                                                                                                            • Instruction ID: 15bc61e14f38d27684e6bc9d8875da1d34bad2af1dd600a67f2bf1be0291ead0
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 8c3a45f75ca5c0a3459ca2e96ae2fbbf181a3d63a640e770f0a7cf37c7606cec
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: C391F332A2A64781E728AE24D4113FEF7A0AF40B54FC68932DA5D473E5DE3DF4058322
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C3FBC8 Relevance: 7.2, APIs: 1, Strings: 3, Instructions: 219COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                                                                                                                            • String ID: UTF-16LEUNICODE$UTF-8$ccs
                                                                                                                                                                                                                                                                                                            • API String ID: 3215553584-1196891531
                                                                                                                                                                                                                                                                                                            • Opcode ID: 7089664b0a027e884898b454f5d4d61e653d4f3baae8c024cbe23c99275e4c13
                                                                                                                                                                                                                                                                                                            • Instruction ID: 135fec91b233af5cc7dac7f6896538110ffa4a979a25b758a4b3181d35a0fe8a
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 7089664b0a027e884898b454f5d4d61e653d4f3baae8c024cbe23c99275e4c13
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 6281A372D2AA4385F7697E2581442F9E6A0AF11B44FD75C31CA09973B5CB2CF8239623
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C2D648 Relevance: 7.2, APIs: 3, Strings: 1, Instructions: 154COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: CurrentImageNonwritableUnwind__except_validate_context_record
                                                                                                                                                                                                                                                                                                            • String ID: csm
                                                                                                                                                                                                                                                                                                            • API String ID: 2395640692-1018135373
                                                                                                                                                                                                                                                                                                            • Opcode ID: 4bd751ab4a757734da5bac4c310991cbc8ef63d187f18c7a3c34a87046479a0f
                                                                                                                                                                                                                                                                                                            • Instruction ID: 12ae6367435e98f2458e2a12485aa4bad6ee4cc05b12136372387fee31873f56
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 4bd751ab4a757734da5bac4c310991cbc8ef63d187f18c7a3c34a87046479a0f
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7D519236A1A7438ADB14BB25D044BB8B391EF58B94F924930DA4E47BA8DF7CF841C750
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C2F288 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 146COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: Frame$EmptyHandler3::StateUnwind__except_validate_context_record
                                                                                                                                                                                                                                                                                                            • String ID: csm$csm
                                                                                                                                                                                                                                                                                                            • API String ID: 3896166516-3733052814
                                                                                                                                                                                                                                                                                                            • Opcode ID: b828653c103bc27f8420a51a056d9897bfd6e6497fd7c081c32eb92dd3ed2bbb
                                                                                                                                                                                                                                                                                                            • Instruction ID: d8d71eba59c168b3ba1ae824716e722307806f1e824c9408f19e0d3af265a8f3
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: b828653c103bc27f8420a51a056d9897bfd6e6497fd7c081c32eb92dd3ed2bbb
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: E351A132A0974B86EB24BB31D0542A9B790EF58B84F964535DA4C43FA5CF7CF462CB10
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C2EED8 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 146COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: CallEncodePointerTranslator
                                                                                                                                                                                                                                                                                                            • String ID: MOC$RCC
                                                                                                                                                                                                                                                                                                            • API String ID: 3544855599-2084237596
                                                                                                                                                                                                                                                                                                            • Opcode ID: 1c81a5d02d7979dd4dad50f55436adaf5051385037e661534b2c2f58034018d3
                                                                                                                                                                                                                                                                                                            • Instruction ID: 105abb737cce97bfd1c64ec9202d2ccf99efb8dc68faec24ffbb9bc33d113667
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 1c81a5d02d7979dd4dad50f55436adaf5051385037e661534b2c2f58034018d3
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 45618032909B8685D720AB25E4403EAB7A0FB89784F854635EB9C13B65CF7CE1A1CB10
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C22810 Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 65windowCOMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: Message
                                                                                                                                                                                                                                                                                                            • String ID: ERROR$Error$[PYI-%d:%ls]
                                                                                                                                                                                                                                                                                                            • API String ID: 2030045667-255084403
                                                                                                                                                                                                                                                                                                            • Opcode ID: 035b7a672ed8def45fe49a9c290554376ffedfd07499b26c39d849b73b89d90e
                                                                                                                                                                                                                                                                                                            • Instruction ID: b6312bb1418801c6037f82234456c629e03965953e39ba6d51e6b0351c067558
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 035b7a672ed8def45fe49a9c290554376ffedfd07499b26c39d849b73b89d90e
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 1321D372B09B4292E710AB24F4847EAB3A0FF88780F810535EE8D5376ADE3CE245C750
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C3C5A0 Relevance: 6.3, APIs: 4, Instructions: 299fileCOMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: FileWrite$ConsoleErrorLastOutput
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 2718003287-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: 04e310725d937c0b27e7ac1e6c46040fced781be2c4963351fe3137ba04acc33
                                                                                                                                                                                                                                                                                                            • Instruction ID: 0b35890192f65bdb57e5fef155bcad069ac46718a958d0ac66eaf53f5501689b
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 04e310725d937c0b27e7ac1e6c46040fced781be2c4963351fe3137ba04acc33
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 73D12572B1AB4289E714DF75C4802ECB7B1FB14798B824636DE4D97BA9DE38E006C711
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C220C0 Relevance: 6.1, APIs: 4, Instructions: 52COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: LongWindow$DialogInvalidateRect
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 1956198572-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: 3f66ec3ad31a24d6b03c6ecd933265a99c2c3f38e7b83c206d3886b5f9d1bb92
                                                                                                                                                                                                                                                                                                            • Instruction ID: 47b08541bb5e98152de1df3d43dd95ded3e48e17c5121fc58aa2c93dd384282e
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 3f66ec3ad31a24d6b03c6ecd933265a99c2c3f38e7b83c206d3886b5f9d1bb92
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 9811C621A0D14352F654BB7AE5486FD9252FF88790FC55830DF4907FAADD2DF8918210
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C45B1C Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 121COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: _get_daylight$_invalid_parameter_noinfo
                                                                                                                                                                                                                                                                                                            • String ID: ?
                                                                                                                                                                                                                                                                                                            • API String ID: 1286766494-1684325040
                                                                                                                                                                                                                                                                                                            • Opcode ID: 21862b7f5a6063227688de7d7fc5fbfc7fa1fb1d7946118fe9e576ba790fa6aa
                                                                                                                                                                                                                                                                                                            • Instruction ID: b56a335598895307bffbb21fb4a4150b940e13c8f7301da5e94201eb7c808d52
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 21862b7f5a6063227688de7d7fc5fbfc7fa1fb1d7946118fe9e576ba790fa6aa
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 70412512E0A38346F724A72594493BAF652FF80BA4F954634EE4C06BF6DF3DE4418710
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C39014 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 111COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            • _invalid_parameter_noinfo.LIBCMT ref: 00007FF7A0C39046
                                                                                                                                                                                                                                                                                                              • Part of subcall function 00007FF7A0C3A948: RtlFreeHeap.NTDLL(?,?,?,00007FF7A0C42D22,?,?,?,00007FF7A0C42D5F,?,?,00000000,00007FF7A0C43225,?,?,?,00007FF7A0C43157), ref: 00007FF7A0C3A95E
                                                                                                                                                                                                                                                                                                              • Part of subcall function 00007FF7A0C3A948: GetLastError.KERNEL32(?,?,?,00007FF7A0C42D22,?,?,?,00007FF7A0C42D5F,?,?,00000000,00007FF7A0C43225,?,?,?,00007FF7A0C43157), ref: 00007FF7A0C3A968
                                                                                                                                                                                                                                                                                                            • GetModuleFileNameW.KERNEL32(?,?,?,?,?,00007FF7A0C2CBA5), ref: 00007FF7A0C39064
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: ErrorFileFreeHeapLastModuleName_invalid_parameter_noinfo
                                                                                                                                                                                                                                                                                                            • String ID: C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                            • API String ID: 3580290477-517116171
                                                                                                                                                                                                                                                                                                            • Opcode ID: 136b352ca89953b7aac46d199a587659114d0cf60bae53edf27061cb20026a80
                                                                                                                                                                                                                                                                                                            • Instruction ID: 079443ae0f506acad9f23d614e175981b0bc64d39f7da26a100cf9d431c81dc5
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 136b352ca89953b7aac46d199a587659114d0cf60bae53edf27061cb20026a80
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 1A415B36A1AB0386EB19AF21D4401EDF2A4EF44BD0B965835E94E53BA5DE3CF4918321
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C3CC38 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 100fileCOMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: ErrorFileLastWrite
                                                                                                                                                                                                                                                                                                            • String ID: U
                                                                                                                                                                                                                                                                                                            • API String ID: 442123175-4171548499
                                                                                                                                                                                                                                                                                                            • Opcode ID: 4f5d94246872f2193e537bc66f33c90add5f7e97f4787e66017fcfb3b1ebd6d4
                                                                                                                                                                                                                                                                                                            • Instruction ID: 2c0f98df7d8224c5ab303a503ff41957bfb29fff724ee327cf373c742f2cfd8a
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 4f5d94246872f2193e537bc66f33c90add5f7e97f4787e66017fcfb3b1ebd6d4
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: ED41B432729A4281DB20AF25E4443FAE761FB88784F914531EE4D877A4EF3CE401D751
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C3F5B8 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 66COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: CurrentDirectory
                                                                                                                                                                                                                                                                                                            • String ID: :
                                                                                                                                                                                                                                                                                                            • API String ID: 1611563598-336475711
                                                                                                                                                                                                                                                                                                            • Opcode ID: 9aa1b1c0966d0181e71a7442aa19fd9d8a3a06258be719e39fc35e3b215e25b0
                                                                                                                                                                                                                                                                                                            • Instruction ID: d837d0594d1f2187d6b14eab9d73c45481aa34fe3220dd2ee05d5e54e0e7a8f5
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 9aa1b1c0966d0181e71a7442aa19fd9d8a3a06258be719e39fc35e3b215e25b0
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: C221F772A1964281EB24AB11D0452ADF3B1FF88B84FC74835E64D437A4CF7CF5558762
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C2FD48 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 44COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: ExceptionFileHeaderRaise
                                                                                                                                                                                                                                                                                                            • String ID: csm
                                                                                                                                                                                                                                                                                                            • API String ID: 2573137834-1018135373
                                                                                                                                                                                                                                                                                                            • Opcode ID: b596af9f6a60738c50b353da5cbad86497326ffe12a5eabfdc94c01c9dae4a3e
                                                                                                                                                                                                                                                                                                            • Instruction ID: a64a565d4d6e3f8fd67bde9380e8ad4d88971d9d5c4452f0250fd87b657ebb1a
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: b596af9f6a60738c50b353da5cbad86497326ffe12a5eabfdc94c01c9dae4a3e
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 68115E32609B8682EB219F25E400299B7E5FF88B84F594630EB8D07B65DF3CE5528B00
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C4073C Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 36COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.3039059029.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3038990042.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039142026.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039226250.00007FF7A0C62000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.3039382537.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: DriveType_invalid_parameter_noinfo
                                                                                                                                                                                                                                                                                                            • String ID: :
                                                                                                                                                                                                                                                                                                            • API String ID: 2595371189-336475711
                                                                                                                                                                                                                                                                                                            • Opcode ID: 68237dfdc7112287ec82a3b365f776b5c9f6f856de5878160eaa1a8f91e0357f
                                                                                                                                                                                                                                                                                                            • Instruction ID: c42803372e61254891469ff545854aceb2cf9d043f3024b028b5daa6f66b82cc
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 68237dfdc7112287ec82a3b365f776b5c9f6f856de5878160eaa1a8f91e0357f
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4E018F2291960386F724BF6094692FEE3A0FF88784FD60835D54D477A1DE3DF5048B26

                                                                                                                                                                                                                                                                                                            Execution Graph

                                                                                                                                                                                                                                                                                                            Execution Coverage:2.7%
                                                                                                                                                                                                                                                                                                            Dynamic/Decrypted Code Coverage:0%
                                                                                                                                                                                                                                                                                                            Signature Coverage:0.2%
                                                                                                                                                                                                                                                                                                            Total number of Nodes:1015
                                                                                                                                                                                                                                                                                                            Total number of Limit Nodes:55
                                                                                                                                                                                                                                                                                                            execution_graph 63658 7ff7a0c35628 63659 7ff7a0c35642 63658->63659 63660 7ff7a0c3565f 63658->63660 63683 7ff7a0c34ee8 11 API calls _set_fmode 63659->63683 63660->63659 63661 7ff7a0c35672 CreateFileW 63660->63661 63663 7ff7a0c356dc 63661->63663 63664 7ff7a0c356a6 63661->63664 63687 7ff7a0c35c04 46 API calls 3 library calls 63663->63687 63686 7ff7a0c3577c 59 API calls 3 library calls 63664->63686 63665 7ff7a0c35647 63684 7ff7a0c34f08 11 API calls _set_fmode 63665->63684 63669 7ff7a0c356b4 63672 7ff7a0c356bb CloseHandle 63669->63672 63673 7ff7a0c356d1 CloseHandle 63669->63673 63670 7ff7a0c356e1 63674 7ff7a0c35710 63670->63674 63675 7ff7a0c356e5 63670->63675 63671 7ff7a0c3564f 63685 7ff7a0c3a8e0 37 API calls _invalid_parameter_noinfo 63671->63685 63678 7ff7a0c3565a 63672->63678 63673->63678 63689 7ff7a0c359c4 51 API calls 63674->63689 63688 7ff7a0c34e7c 11 API calls 2 library calls 63675->63688 63680 7ff7a0c3571d 63690 7ff7a0c35b00 21 API calls _fread_nolock 63680->63690 63682 7ff7a0c356ef 63682->63678 63683->63665 63684->63671 63685->63678 63686->63669 63687->63670 63688->63682 63689->63680 63690->63682 63691 7ff8a8dd1230 GetSystemInfo 63692 7ff8a8dd1264 63691->63692 63693 7ff8a8de2250 63694 7ff8a8de22ab 63693->63694 63695 7ff8a8de22bd strcmp 63694->63695 63696 7ff8a8de22d0 63694->63696 63695->63696 63711 7ff8a8dc6180 63696->63711 63698 7ff8a8dc6180 new[] 12 API calls 63700 7ff8a8de260a 63698->63700 63710 7ff8a8de23c4 63700->63710 63715 7ff8a8dd92b0 63700->63715 63704 7ff8a8dc6180 new[] 12 API calls 63705 7ff8a8de23b8 63704->63705 63706 7ff8a8de23fd memcpy 63705->63706 63708 7ff8a8de2408 63705->63708 63705->63710 63706->63708 63708->63698 63709 7ff8a8de2665 63708->63709 63708->63710 63709->63710 63745 7ff8a8dd8a10 63709->63745 63736 7ff8a8ef2900 63710->63736 63712 7ff8a8dc6199 63711->63712 63713 7ff8a8dc6240 63711->63713 63712->63713 63756 7ff8a8dc5b35 malloc 63712->63756 63713->63704 63713->63708 63713->63710 63716 7ff8a8dd9335 63715->63716 63717 7ff8a8dd948d 63715->63717 63716->63717 63719 7ff8a8dd934e 63716->63719 63718 7ff8a8dd9390 63717->63718 63721 7ff8a8dc6180 new[] 12 API calls 63717->63721 63720 7ff8a8dc6180 new[] 12 API calls 63718->63720 63734 7ff8a8dd95c2 63718->63734 63725 7ff8a8dc6180 new[] 12 API calls 63719->63725 63722 7ff8a8dd93df 63720->63722 63732 7ff8a8dd94c5 63721->63732 63723 7ff8a8dd93eb memset 63722->63723 63722->63734 63724 7ff8a8dd9455 memcpy 63723->63724 63731 7ff8a8dd9679 63723->63731 63726 7ff8a8dd9477 memcpy 63724->63726 63727 7ff8a8dd962b 63724->63727 63728 7ff8a8dd9369 63725->63728 63729 7ff8a8dd962e memcpy memcpy 63726->63729 63727->63729 63730 7ff8a8dd9375 memcpy 63728->63730 63728->63734 63729->63731 63730->63718 63731->63734 63761 7ff8a8dcffd0 63731->63761 63732->63718 63732->63734 63772 7ff8a8e85ae0 12 API calls 63732->63772 63734->63709 63737 7ff8a8ef2909 63736->63737 63738 7ff8a8de23e1 63737->63738 63739 7ff8a8ef2954 IsProcessorFeaturePresent 63737->63739 63740 7ff8a8ef296c 63739->63740 63782 7ff8a8ef2b4c RtlCaptureContext RtlLookupFunctionEntry RtlVirtualUnwind 63740->63782 63742 7ff8a8ef297f 63783 7ff8a8ef2920 SetUnhandledExceptionFilter UnhandledExceptionFilter GetCurrentProcess TerminateProcess 63742->63783 63747 7ff8a8dd8a43 63745->63747 63784 7ff8a8dddec0 63747->63784 63748 7ff8a8dd8b0c 63790 7ff8a8dd42a0 63748->63790 63751 7ff8a8dd8b54 63794 7ff8a8dd6c90 memset 63751->63794 63754 7ff8a8dd8b5e 63795 7ff8a8dd7270 24 API calls 63754->63795 63755 7ff8a8dd8b5c 63755->63710 63757 7ff8a8dc5b62 63756->63757 63758 7ff8a8dc5b4e 63756->63758 63757->63713 63760 7ff8a8dc9340 12 API calls 63758->63760 63760->63757 63767 7ff8a8dd0021 63761->63767 63764 7ff8a8ef2900 8 API calls 63765 7ff8a8dd0647 63764->63765 63765->63734 63766 7ff8a8dd03a8 63766->63764 63767->63766 63768 7ff8a8dd01f0 CreateFileW 63767->63768 63770 7ff8a8dd0475 63767->63770 63773 7ff8a8dcd020 63767->63773 63779 7ff8a8dcfa10 15 API calls new[] 63767->63779 63780 7ff8a8dc9340 12 API calls 63767->63780 63768->63767 63781 7ff8a8e85ae0 12 API calls 63770->63781 63772->63718 63774 7ff8a8dcd05e 63773->63774 63775 7ff8a8dc6180 new[] 12 API calls 63774->63775 63778 7ff8a8dcd0a7 63774->63778 63776 7ff8a8dcd073 63775->63776 63777 7ff8a8dcd07b memset 63776->63777 63776->63778 63777->63778 63778->63767 63779->63767 63780->63767 63781->63766 63782->63742 63785 7ff8a8dddeef 63784->63785 63788 7ff8a8dddfa4 63784->63788 63785->63788 63796 7ff8a8ddfbb0 25 API calls 63785->63796 63787 7ff8a8dddf5d 63787->63788 63797 7ff8a8ddd960 12 API calls 63787->63797 63788->63748 63791 7ff8a8dd43b8 63790->63791 63792 7ff8a8dd42c5 63790->63792 63791->63751 63791->63754 63792->63791 63793 7ff8a8dd43a1 memset 63792->63793 63793->63791 63794->63755 63795->63755 63796->63787 63797->63788 63798 7ff8a8df7d60 63799 7ff8a8df7d72 63798->63799 63800 7ff8a8df7d7f 63798->63800 63801 7ff8a8df7d87 63800->63801 63804 7ff8a8df7dd2 63800->63804 63825 7ff8a8dc9340 12 API calls 63801->63825 63803 7ff8a8df7d98 63826 7ff8a8dc9340 12 API calls 63803->63826 63811 7ff8a8df5950 63804->63811 63807 7ff8a8df7dc2 63808 7ff8a8df7e03 63815 7ff8a8e822e0 63808->63815 63810 7ff8a8df7e2f 63812 7ff8a8df5969 63811->63812 63814 7ff8a8df596e 63811->63814 63827 7ff8a8df54a0 41 API calls 63812->63827 63814->63808 63816 7ff8a8e822f4 63815->63816 63824 7ff8a8e824f8 63815->63824 63816->63824 63828 7ff8a8e826e0 63816->63828 63818 7ff8a8e823a1 63819 7ff8a8e823b8 63818->63819 63842 7ff8a8e2b040 memset 63818->63842 63819->63824 63851 7ff8a8e21740 63819->63851 63822 7ff8a8e82349 63822->63818 63834 7ff8a8de2bb0 63822->63834 63824->63810 63825->63803 63826->63807 63827->63814 63829 7ff8a8e8270f 63828->63829 63831 7ff8a8e8277f 63829->63831 63863 7ff8a8de4cf0 63829->63863 63833 7ff8a8e827e4 63831->63833 63873 7ff8a8e21310 13 API calls 63831->63873 63833->63822 63835 7ff8a8de2bc8 63834->63835 63836 7ff8a8de4cf0 28 API calls 63835->63836 63839 7ff8a8de2be3 63836->63839 63837 7ff8a8dd8a10 34 API calls 63838 7ff8a8de2cb5 63837->63838 63840 7ff8a8de2cc9 63838->63840 63841 7ff8a8e2b040 13 API calls 63838->63841 63839->63837 63839->63840 63840->63822 63841->63840 63850 7ff8a8e2b0d3 63842->63850 63843 7ff8a8e2b37d 63845 7ff8a8e21740 12 API calls 63843->63845 63846 7ff8a8e2b3e0 63843->63846 63845->63843 63847 7ff8a8ef2900 8 API calls 63846->63847 63849 7ff8a8e2b430 63847->63849 63849->63819 63850->63843 63878 7ff8a8e55d70 12 API calls 63850->63878 63879 7ff8a8e0d150 12 API calls 63850->63879 63852 7ff8a8e217f8 63851->63852 63858 7ff8a8e2176c 63851->63858 63859 7ff8a8e21800 63852->63859 63887 7ff8a8e459c0 12 API calls 63852->63887 63858->63852 63884 7ff8a8dcca10 12 API calls new[] 63858->63884 63885 7ff8a8e0d150 12 API calls 63858->63885 63886 7ff8a8e0e7e0 12 API calls 63858->63886 63880 7ff8a8e215d0 63859->63880 63860 7ff8a8e218ca 63861 7ff8a8e2190b 63860->63861 63888 7ff8a8e0e7e0 12 API calls 63860->63888 63864 7ff8a8de4d17 63863->63864 63866 7ff8a8de4d3c 63864->63866 63874 7ff8a8de0270 19 API calls 63864->63874 63868 7ff8a8de4d60 63866->63868 63875 7ff8a8de4be0 19 API calls 63866->63875 63870 7ff8a8de4dfc 63868->63870 63876 7ff8a8ddb1c0 24 API calls 63868->63876 63870->63829 63871 7ff8a8de4d77 63871->63870 63877 7ff8a8dd7270 24 API calls 63871->63877 63873->63833 63874->63866 63875->63868 63876->63871 63877->63870 63878->63850 63879->63850 63881 7ff8a8e21708 63880->63881 63882 7ff8a8e215f2 63880->63882 63881->63860 63882->63881 63889 7ff8a8e0e7e0 12 API calls 63882->63889 63884->63858 63885->63858 63886->63858 63887->63859 63888->63861 63889->63881 63890 7ff7a0c2cc3c 63911 7ff7a0c2ce0c 63890->63911 63893 7ff7a0c2cd88 64062 7ff7a0c2d12c 7 API calls 2 library calls 63893->64062 63894 7ff7a0c2cc58 __scrt_acquire_startup_lock 63896 7ff7a0c2cd92 63894->63896 63903 7ff7a0c2cc76 __scrt_release_startup_lock 63894->63903 64063 7ff7a0c2d12c 7 API calls 2 library calls 63896->64063 63898 7ff7a0c2cc9b 63899 7ff7a0c2cd9d __FrameHandler3::FrameUnwindToEmptyState 63900 7ff7a0c2cd21 63917 7ff7a0c2d274 63900->63917 63902 7ff7a0c2cd26 63920 7ff7a0c21000 63902->63920 63903->63898 63903->63900 64059 7ff7a0c39b2c 45 API calls 63903->64059 63908 7ff7a0c2cd49 63908->63899 64061 7ff7a0c2cf90 7 API calls 63908->64061 63910 7ff7a0c2cd60 63910->63898 63912 7ff7a0c2ce14 63911->63912 63913 7ff7a0c2ce20 __scrt_dllmain_crt_thread_attach 63912->63913 63914 7ff7a0c2ce2d 63913->63914 63916 7ff7a0c2cc50 63913->63916 63914->63916 64064 7ff7a0c2d888 7 API calls 2 library calls 63914->64064 63916->63893 63916->63894 64065 7ff7a0c4a4d0 63917->64065 63919 7ff7a0c2d28b GetStartupInfoW 63919->63902 63921 7ff7a0c21009 63920->63921 64067 7ff7a0c35484 63921->64067 63923 7ff7a0c237fb 64074 7ff7a0c236b0 63923->64074 63930 7ff7a0c2383c 64177 7ff7a0c21c80 63930->64177 63931 7ff7a0c2391b 64182 7ff7a0c245c0 63931->64182 63935 7ff7a0c2385b 64146 7ff7a0c28830 63935->64146 63937 7ff7a0c2396a 64205 7ff7a0c22710 54 API calls _log10_special 63937->64205 63938 7ff7a0c2388e 63948 7ff7a0c238bb __std_exception_destroy 63938->63948 64181 7ff7a0c289a0 40 API calls __std_exception_destroy 63938->64181 63941 7ff7a0c2395d 63942 7ff7a0c23962 63941->63942 63943 7ff7a0c23984 63941->63943 64201 7ff7a0c3004c 63942->64201 63944 7ff7a0c21c80 49 API calls 63943->63944 63947 7ff7a0c239a3 63944->63947 63952 7ff7a0c21950 115 API calls 63947->63952 63949 7ff7a0c28830 14 API calls 63948->63949 63958 7ff7a0c238de __std_exception_destroy 63948->63958 63949->63958 63951 7ff7a0c23a0b 64208 7ff7a0c289a0 40 API calls __std_exception_destroy 63951->64208 63954 7ff7a0c239ce 63952->63954 63954->63935 63957 7ff7a0c239de 63954->63957 63955 7ff7a0c23a17 64209 7ff7a0c289a0 40 API calls __std_exception_destroy 63955->64209 64206 7ff7a0c22710 54 API calls _log10_special 63957->64206 63962 7ff7a0c2390e __std_exception_destroy 63958->63962 64207 7ff7a0c28940 40 API calls __std_exception_destroy 63958->64207 63959 7ff7a0c23a23 64210 7ff7a0c289a0 40 API calls __std_exception_destroy 63959->64210 63963 7ff7a0c28830 14 API calls 63962->63963 63964 7ff7a0c23a3b 63963->63964 63965 7ff7a0c23b2f 63964->63965 63966 7ff7a0c23a60 __std_exception_destroy 63964->63966 64212 7ff7a0c22710 54 API calls _log10_special 63965->64212 63973 7ff7a0c23aab 63966->63973 64211 7ff7a0c28940 40 API calls __std_exception_destroy 63966->64211 63969 7ff7a0c28830 14 API calls 63970 7ff7a0c23bf4 __std_exception_destroy 63969->63970 63971 7ff7a0c23d41 63970->63971 63972 7ff7a0c23c46 63970->63972 64226 7ff7a0c244e0 49 API calls 63971->64226 63974 7ff7a0c23c50 63972->63974 63975 7ff7a0c23cd4 63972->63975 63973->63969 64213 7ff7a0c290e0 59 API calls _log10_special 63974->64213 63978 7ff7a0c28830 14 API calls 63975->63978 63981 7ff7a0c23ce0 63978->63981 63979 7ff7a0c23d4f 63982 7ff7a0c23d71 63979->63982 63983 7ff7a0c23d65 63979->63983 63980 7ff7a0c23c55 63986 7ff7a0c23c61 63980->63986 63987 7ff7a0c23cb3 63980->63987 63981->63986 63988 7ff7a0c23ced 63981->63988 63985 7ff7a0c21c80 49 API calls 63982->63985 64227 7ff7a0c24630 63983->64227 63998 7ff7a0c23d2b __std_exception_destroy 63985->63998 64214 7ff7a0c22710 54 API calls _log10_special 63986->64214 64224 7ff7a0c28660 86 API calls 2 library calls 63987->64224 63991 7ff7a0c21c80 49 API calls 63988->63991 63994 7ff7a0c23d0b 63991->63994 63992 7ff7a0c23dc4 64159 7ff7a0c29390 63992->64159 63993 7ff7a0c23cbb 63996 7ff7a0c23cc8 63993->63996 63997 7ff7a0c23cbf 63993->63997 63994->63998 63999 7ff7a0c23d12 63994->63999 63996->63998 63997->63986 63998->63992 64000 7ff7a0c23da7 SetDllDirectoryW LoadLibraryExW 63998->64000 64225 7ff7a0c22710 54 API calls _log10_special 63999->64225 64000->63992 64001 7ff7a0c23dd7 SetDllDirectoryW 64005 7ff7a0c23e0a 64001->64005 64047 7ff7a0c23e5a 64001->64047 64004 7ff7a0c23808 __std_exception_destroy 64215 7ff7a0c2c550 64004->64215 64007 7ff7a0c28830 14 API calls 64005->64007 64006 7ff7a0c24008 64009 7ff7a0c24012 PostMessageW GetMessageW 64006->64009 64010 7ff7a0c24035 64006->64010 64014 7ff7a0c23e16 __std_exception_destroy 64007->64014 64008 7ff7a0c23f1b 64238 7ff7a0c233c0 121 API calls 2 library calls 64008->64238 64009->64010 64164 7ff7a0c23360 64010->64164 64012 7ff7a0c23f23 64012->64004 64015 7ff7a0c23f2b 64012->64015 64017 7ff7a0c23ef2 64014->64017 64021 7ff7a0c23e4e 64014->64021 64239 7ff7a0c290c0 LocalFree 64015->64239 64237 7ff7a0c28940 40 API calls __std_exception_destroy 64017->64237 64021->64047 64230 7ff7a0c26dc0 54 API calls _set_fmode 64021->64230 64029 7ff7a0c2405b 64032 7ff7a0c23e6c 64231 7ff7a0c27340 117 API calls 2 library calls 64032->64231 64035 7ff7a0c23e81 64038 7ff7a0c23ea2 64035->64038 64050 7ff7a0c23e85 64035->64050 64232 7ff7a0c26e00 120 API calls _log10_special 64035->64232 64038->64050 64233 7ff7a0c271b0 125 API calls 64038->64233 64042 7ff7a0c23ee0 64236 7ff7a0c26fc0 FreeLibrary 64042->64236 64043 7ff7a0c23eb7 64043->64050 64234 7ff7a0c274f0 55 API calls 64043->64234 64047->64006 64047->64008 64050->64047 64235 7ff7a0c22a50 54 API calls _log10_special 64050->64235 64059->63900 64060 7ff7a0c2d2b8 GetModuleHandleW 64060->63908 64061->63910 64062->63896 64063->63899 64064->63916 64066 7ff7a0c4a4c0 64065->64066 64066->63919 64066->64066 64069 7ff7a0c3f480 64067->64069 64070 7ff7a0c3f526 64069->64070 64071 7ff7a0c3f4d3 64069->64071 64242 7ff7a0c3f358 71 API calls _fread_nolock 64070->64242 64241 7ff7a0c3a814 37 API calls 2 library calls 64071->64241 64073 7ff7a0c3f4fc 64073->63923 64243 7ff7a0c2c850 64074->64243 64077 7ff7a0c236eb GetLastError 64250 7ff7a0c22c50 51 API calls _log10_special 64077->64250 64078 7ff7a0c23710 64245 7ff7a0c29280 FindFirstFileExW 64078->64245 64081 7ff7a0c23706 64085 7ff7a0c2c550 _log10_special 8 API calls 64081->64085 64083 7ff7a0c2377d 64253 7ff7a0c29440 WideCharToMultiByte WideCharToMultiByte __std_exception_destroy 64083->64253 64084 7ff7a0c23723 64251 7ff7a0c29300 CreateFileW GetFinalPathNameByHandleW CloseHandle 64084->64251 64088 7ff7a0c237b5 64085->64088 64088->64004 64096 7ff7a0c21950 64088->64096 64089 7ff7a0c23730 64091 7ff7a0c2374c __vcrt_InitializeCriticalSectionEx 64089->64091 64092 7ff7a0c23734 64089->64092 64090 7ff7a0c2378b 64090->64081 64254 7ff7a0c22810 49 API calls _log10_special 64090->64254 64091->64083 64252 7ff7a0c22810 49 API calls _log10_special 64092->64252 64095 7ff7a0c23745 64095->64081 64097 7ff7a0c245c0 108 API calls 64096->64097 64098 7ff7a0c21985 64097->64098 64099 7ff7a0c21c43 64098->64099 64101 7ff7a0c27f90 83 API calls 64098->64101 64100 7ff7a0c2c550 _log10_special 8 API calls 64099->64100 64102 7ff7a0c21c5e 64100->64102 64103 7ff7a0c219cb 64101->64103 64102->63930 64102->63931 64145 7ff7a0c21a03 64103->64145 64255 7ff7a0c306d4 64103->64255 64105 7ff7a0c3004c 74 API calls 64105->64099 64106 7ff7a0c219e5 64107 7ff7a0c21a08 64106->64107 64108 7ff7a0c219e9 64106->64108 64259 7ff7a0c3039c 64107->64259 64262 7ff7a0c34f08 11 API calls _set_fmode 64108->64262 64111 7ff7a0c219ee 64263 7ff7a0c22910 54 API calls _log10_special 64111->64263 64114 7ff7a0c21a26 64264 7ff7a0c34f08 11 API calls _set_fmode 64114->64264 64115 7ff7a0c21a45 64119 7ff7a0c21a5c 64115->64119 64120 7ff7a0c21a7b 64115->64120 64117 7ff7a0c21a2b 64265 7ff7a0c22910 54 API calls _log10_special 64117->64265 64266 7ff7a0c34f08 11 API calls _set_fmode 64119->64266 64122 7ff7a0c21c80 49 API calls 64120->64122 64124 7ff7a0c21a92 64122->64124 64123 7ff7a0c21a61 64267 7ff7a0c22910 54 API calls _log10_special 64123->64267 64126 7ff7a0c21c80 49 API calls 64124->64126 64127 7ff7a0c21add 64126->64127 64128 7ff7a0c306d4 73 API calls 64127->64128 64129 7ff7a0c21b01 64128->64129 64130 7ff7a0c21b16 64129->64130 64131 7ff7a0c21b35 64129->64131 64268 7ff7a0c34f08 11 API calls _set_fmode 64130->64268 64132 7ff7a0c3039c _fread_nolock 53 API calls 64131->64132 64134 7ff7a0c21b4a 64132->64134 64137 7ff7a0c21b50 64134->64137 64138 7ff7a0c21b6f 64134->64138 64135 7ff7a0c21b1b 64269 7ff7a0c22910 54 API calls _log10_special 64135->64269 64270 7ff7a0c34f08 11 API calls _set_fmode 64137->64270 64272 7ff7a0c30110 37 API calls 2 library calls 64138->64272 64141 7ff7a0c21b55 64271 7ff7a0c22910 54 API calls _log10_special 64141->64271 64142 7ff7a0c21b89 64142->64145 64273 7ff7a0c22710 54 API calls _log10_special 64142->64273 64145->64105 64147 7ff7a0c2883a 64146->64147 64148 7ff7a0c29390 2 API calls 64147->64148 64149 7ff7a0c28859 GetEnvironmentVariableW 64148->64149 64150 7ff7a0c288c2 64149->64150 64151 7ff7a0c28876 ExpandEnvironmentStringsW 64149->64151 64152 7ff7a0c2c550 _log10_special 8 API calls 64150->64152 64151->64150 64153 7ff7a0c28898 64151->64153 64154 7ff7a0c288d4 64152->64154 64303 7ff7a0c29440 WideCharToMultiByte WideCharToMultiByte __std_exception_destroy 64153->64303 64154->63938 64156 7ff7a0c288aa 64157 7ff7a0c2c550 _log10_special 8 API calls 64156->64157 64158 7ff7a0c288ba 64157->64158 64158->63938 64160 7ff7a0c293b2 MultiByteToWideChar 64159->64160 64161 7ff7a0c293d6 64159->64161 64160->64161 64163 7ff7a0c293ec __std_exception_destroy 64160->64163 64162 7ff7a0c293f3 MultiByteToWideChar 64161->64162 64161->64163 64162->64163 64163->64001 64304 7ff7a0c26360 64164->64304 64167 7ff7a0c23399 64173 7ff7a0c23670 64167->64173 64169 7ff7a0c23381 64169->64167 64372 7ff7a0c26050 64169->64372 64171 7ff7a0c2338d 64171->64167 64381 7ff7a0c261e0 54 API calls 64171->64381 64174 7ff7a0c2367e 64173->64174 64176 7ff7a0c2368f 64174->64176 64520 7ff7a0c28e60 FreeLibrary 64174->64520 64240 7ff7a0c26fc0 FreeLibrary 64176->64240 64178 7ff7a0c21ca5 64177->64178 64521 7ff7a0c34984 64178->64521 64181->63948 64183 7ff7a0c245cc 64182->64183 64184 7ff7a0c29390 2 API calls 64183->64184 64185 7ff7a0c245f4 64184->64185 64186 7ff7a0c29390 2 API calls 64185->64186 64187 7ff7a0c24607 64186->64187 64544 7ff7a0c35f94 64187->64544 64190 7ff7a0c2c550 _log10_special 8 API calls 64191 7ff7a0c2392b 64190->64191 64191->63937 64192 7ff7a0c27f90 64191->64192 64193 7ff7a0c27fb4 64192->64193 64194 7ff7a0c306d4 73 API calls 64193->64194 64199 7ff7a0c2808b __std_exception_destroy 64193->64199 64195 7ff7a0c27fd0 64194->64195 64195->64199 64712 7ff7a0c378c8 64195->64712 64197 7ff7a0c306d4 73 API calls 64200 7ff7a0c27fe5 64197->64200 64198 7ff7a0c3039c _fread_nolock 53 API calls 64198->64200 64199->63941 64200->64197 64200->64198 64200->64199 64202 7ff7a0c3007c 64201->64202 64728 7ff7a0c2fe28 64202->64728 64204 7ff7a0c30095 64204->63937 64205->64004 64206->64004 64207->63951 64208->63955 64209->63959 64210->63962 64211->63973 64212->64004 64213->63980 64214->64004 64216 7ff7a0c2c559 64215->64216 64217 7ff7a0c23ca7 64216->64217 64218 7ff7a0c2c8e0 IsProcessorFeaturePresent 64216->64218 64217->64060 64219 7ff7a0c2c8f8 64218->64219 64740 7ff7a0c2cad8 RtlCaptureContext RtlLookupFunctionEntry RtlVirtualUnwind 64219->64740 64221 7ff7a0c2c90b 64741 7ff7a0c2c8a0 SetUnhandledExceptionFilter UnhandledExceptionFilter GetCurrentProcess TerminateProcess 64221->64741 64224->63993 64225->64004 64226->63979 64228 7ff7a0c21c80 49 API calls 64227->64228 64229 7ff7a0c24660 64228->64229 64229->63998 64230->64032 64231->64035 64232->64038 64233->64043 64234->64050 64235->64042 64236->64047 64237->64047 64238->64012 64240->64029 64241->64073 64242->64073 64244 7ff7a0c236bc GetModuleFileNameW 64243->64244 64244->64077 64244->64078 64246 7ff7a0c292d2 64245->64246 64247 7ff7a0c292bf FindClose 64245->64247 64248 7ff7a0c2c550 _log10_special 8 API calls 64246->64248 64247->64246 64249 7ff7a0c2371a 64248->64249 64249->64083 64249->64084 64250->64081 64251->64089 64252->64095 64253->64090 64254->64081 64256 7ff7a0c30704 64255->64256 64274 7ff7a0c30464 64256->64274 64258 7ff7a0c3071d 64258->64106 64287 7ff7a0c303bc 64259->64287 64262->64111 64263->64145 64264->64117 64265->64145 64266->64123 64267->64145 64268->64135 64269->64145 64270->64141 64271->64145 64272->64142 64273->64145 64275 7ff7a0c304ce 64274->64275 64276 7ff7a0c3048e 64274->64276 64275->64276 64278 7ff7a0c304da 64275->64278 64286 7ff7a0c3a814 37 API calls 2 library calls 64276->64286 64285 7ff7a0c3546c EnterCriticalSection 64278->64285 64280 7ff7a0c304df 64281 7ff7a0c305e8 71 API calls 64280->64281 64282 7ff7a0c304f1 64281->64282 64283 7ff7a0c35478 _fread_nolock LeaveCriticalSection 64282->64283 64284 7ff7a0c304b5 64283->64284 64284->64258 64286->64284 64288 7ff7a0c21a20 64287->64288 64289 7ff7a0c303e6 64287->64289 64288->64114 64288->64115 64289->64288 64290 7ff7a0c30432 64289->64290 64291 7ff7a0c303f5 memcpy_s 64289->64291 64300 7ff7a0c3546c EnterCriticalSection 64290->64300 64301 7ff7a0c34f08 11 API calls _set_fmode 64291->64301 64294 7ff7a0c3043a 64296 7ff7a0c3013c _fread_nolock 51 API calls 64294->64296 64295 7ff7a0c3040a 64302 7ff7a0c3a8e0 37 API calls _invalid_parameter_noinfo 64295->64302 64298 7ff7a0c30451 64296->64298 64299 7ff7a0c35478 _fread_nolock LeaveCriticalSection 64298->64299 64299->64288 64301->64295 64302->64288 64303->64156 64305 7ff7a0c26375 64304->64305 64306 7ff7a0c21c80 49 API calls 64305->64306 64307 7ff7a0c263b1 64306->64307 64308 7ff7a0c263ba 64307->64308 64309 7ff7a0c263dd 64307->64309 64392 7ff7a0c22710 54 API calls _log10_special 64308->64392 64311 7ff7a0c24630 49 API calls 64309->64311 64312 7ff7a0c263f5 64311->64312 64313 7ff7a0c26413 64312->64313 64393 7ff7a0c22710 54 API calls _log10_special 64312->64393 64382 7ff7a0c24560 64313->64382 64316 7ff7a0c2c550 _log10_special 8 API calls 64317 7ff7a0c2336e 64316->64317 64317->64167 64335 7ff7a0c26500 64317->64335 64318 7ff7a0c2642b 64321 7ff7a0c24630 49 API calls 64318->64321 64320 7ff7a0c28e80 3 API calls 64320->64318 64322 7ff7a0c26444 64321->64322 64323 7ff7a0c26469 64322->64323 64324 7ff7a0c26449 64322->64324 64388 7ff7a0c28e80 64323->64388 64394 7ff7a0c22710 54 API calls _log10_special 64324->64394 64327 7ff7a0c263d3 64327->64316 64328 7ff7a0c26476 64329 7ff7a0c26482 64328->64329 64330 7ff7a0c264c1 64328->64330 64331 7ff7a0c29390 2 API calls 64329->64331 64396 7ff7a0c25830 137 API calls 64330->64396 64333 7ff7a0c2649a GetLastError 64331->64333 64395 7ff7a0c22c50 51 API calls _log10_special 64333->64395 64397 7ff7a0c25400 64335->64397 64337 7ff7a0c26526 64338 7ff7a0c2652e 64337->64338 64339 7ff7a0c2653f 64337->64339 64422 7ff7a0c22710 54 API calls _log10_special 64338->64422 64404 7ff7a0c24c90 64339->64404 64343 7ff7a0c2655c 64347 7ff7a0c2656c 64343->64347 64349 7ff7a0c2657d 64343->64349 64344 7ff7a0c2654b 64423 7ff7a0c22710 54 API calls _log10_special 64344->64423 64346 7ff7a0c2653a 64346->64169 64424 7ff7a0c22710 54 API calls _log10_special 64347->64424 64350 7ff7a0c2659c 64349->64350 64351 7ff7a0c265ad 64349->64351 64425 7ff7a0c22710 54 API calls _log10_special 64350->64425 64353 7ff7a0c265bc 64351->64353 64354 7ff7a0c265cd 64351->64354 64426 7ff7a0c22710 54 API calls _log10_special 64353->64426 64408 7ff7a0c24d50 64354->64408 64358 7ff7a0c265dc 64427 7ff7a0c22710 54 API calls _log10_special 64358->64427 64359 7ff7a0c265ed 64361 7ff7a0c265fc 64359->64361 64362 7ff7a0c2660d 64359->64362 64428 7ff7a0c22710 54 API calls _log10_special 64361->64428 64364 7ff7a0c2661f 64362->64364 64366 7ff7a0c26630 64362->64366 64429 7ff7a0c22710 54 API calls _log10_special 64364->64429 64369 7ff7a0c2665a 64366->64369 64430 7ff7a0c372b0 73 API calls 64366->64430 64368 7ff7a0c26648 64431 7ff7a0c372b0 73 API calls 64368->64431 64369->64346 64432 7ff7a0c22710 54 API calls _log10_special 64369->64432 64373 7ff7a0c26070 64372->64373 64373->64373 64374 7ff7a0c26099 64373->64374 64380 7ff7a0c260b0 __std_exception_destroy 64373->64380 64464 7ff7a0c22710 54 API calls _log10_special 64374->64464 64376 7ff7a0c260a5 64376->64171 64377 7ff7a0c261bb 64377->64171 64379 7ff7a0c22710 54 API calls 64379->64380 64380->64377 64380->64379 64434 7ff7a0c21470 64380->64434 64381->64167 64383 7ff7a0c2456a 64382->64383 64384 7ff7a0c29390 2 API calls 64383->64384 64385 7ff7a0c2458f 64384->64385 64386 7ff7a0c2c550 _log10_special 8 API calls 64385->64386 64387 7ff7a0c245b7 64386->64387 64387->64318 64387->64320 64389 7ff7a0c29390 2 API calls 64388->64389 64390 7ff7a0c28e94 LoadLibraryExW 64389->64390 64391 7ff7a0c28eb3 __std_exception_destroy 64390->64391 64391->64328 64392->64327 64393->64313 64394->64327 64395->64327 64396->64327 64399 7ff7a0c2542c 64397->64399 64398 7ff7a0c25434 64398->64337 64399->64398 64402 7ff7a0c255d4 64399->64402 64433 7ff7a0c36aa4 48 API calls 64399->64433 64400 7ff7a0c25797 __std_exception_destroy 64400->64337 64401 7ff7a0c247d0 47 API calls 64401->64402 64402->64400 64402->64401 64405 7ff7a0c24cc0 64404->64405 64406 7ff7a0c2c550 _log10_special 8 API calls 64405->64406 64407 7ff7a0c24d2a 64406->64407 64407->64343 64407->64344 64409 7ff7a0c24d65 64408->64409 64410 7ff7a0c21c80 49 API calls 64409->64410 64411 7ff7a0c24db1 64410->64411 64412 7ff7a0c21c80 49 API calls 64411->64412 64421 7ff7a0c24e33 __std_exception_destroy 64411->64421 64414 7ff7a0c24df0 64412->64414 64413 7ff7a0c2c550 _log10_special 8 API calls 64415 7ff7a0c24e7e 64413->64415 64416 7ff7a0c29390 2 API calls 64414->64416 64414->64421 64415->64358 64415->64359 64417 7ff7a0c24e06 64416->64417 64418 7ff7a0c29390 2 API calls 64417->64418 64419 7ff7a0c24e1d 64418->64419 64420 7ff7a0c29390 2 API calls 64419->64420 64420->64421 64421->64413 64422->64346 64423->64346 64424->64346 64425->64346 64426->64346 64427->64346 64428->64346 64429->64346 64430->64368 64431->64369 64432->64346 64433->64399 64435 7ff7a0c245c0 108 API calls 64434->64435 64436 7ff7a0c21493 64435->64436 64437 7ff7a0c214bc 64436->64437 64438 7ff7a0c2149b 64436->64438 64440 7ff7a0c306d4 73 API calls 64437->64440 64487 7ff7a0c22710 54 API calls _log10_special 64438->64487 64442 7ff7a0c214d1 64440->64442 64441 7ff7a0c214ab 64441->64380 64443 7ff7a0c214f8 64442->64443 64444 7ff7a0c214d5 64442->64444 64447 7ff7a0c21508 64443->64447 64448 7ff7a0c21532 64443->64448 64488 7ff7a0c34f08 11 API calls _set_fmode 64444->64488 64446 7ff7a0c214da 64489 7ff7a0c22910 54 API calls _log10_special 64446->64489 64490 7ff7a0c34f08 11 API calls _set_fmode 64447->64490 64451 7ff7a0c21538 64448->64451 64452 7ff7a0c2154b 64448->64452 64465 7ff7a0c21210 64451->64465 64457 7ff7a0c214f3 __std_exception_destroy 64452->64457 64459 7ff7a0c3039c _fread_nolock 53 API calls 64452->64459 64460 7ff7a0c215d6 64452->64460 64453 7ff7a0c21510 64491 7ff7a0c22910 54 API calls _log10_special 64453->64491 64456 7ff7a0c3004c 74 API calls 64458 7ff7a0c215c4 64456->64458 64457->64456 64458->64380 64459->64452 64492 7ff7a0c34f08 11 API calls _set_fmode 64460->64492 64462 7ff7a0c215db 64493 7ff7a0c22910 54 API calls _log10_special 64462->64493 64464->64376 64466 7ff7a0c21268 64465->64466 64467 7ff7a0c21297 64466->64467 64468 7ff7a0c2126f 64466->64468 64471 7ff7a0c212b1 64467->64471 64472 7ff7a0c212d4 64467->64472 64498 7ff7a0c22710 54 API calls _log10_special 64468->64498 64470 7ff7a0c21282 64470->64457 64499 7ff7a0c34f08 11 API calls _set_fmode 64471->64499 64475 7ff7a0c212e6 64472->64475 64481 7ff7a0c21309 memcpy_s 64472->64481 64474 7ff7a0c212b6 64500 7ff7a0c22910 54 API calls _log10_special 64474->64500 64501 7ff7a0c34f08 11 API calls _set_fmode 64475->64501 64478 7ff7a0c212eb 64502 7ff7a0c22910 54 API calls _log10_special 64478->64502 64479 7ff7a0c3039c _fread_nolock 53 API calls 64479->64481 64481->64479 64482 7ff7a0c212cf __std_exception_destroy 64481->64482 64483 7ff7a0c213cf 64481->64483 64486 7ff7a0c30110 37 API calls 64481->64486 64494 7ff7a0c30adc 64481->64494 64482->64457 64503 7ff7a0c22710 54 API calls _log10_special 64483->64503 64486->64481 64487->64441 64488->64446 64489->64457 64490->64453 64491->64457 64492->64462 64493->64457 64495 7ff7a0c30b0c 64494->64495 64504 7ff7a0c3082c 64495->64504 64497 7ff7a0c30b2a 64497->64481 64498->64470 64499->64474 64500->64482 64501->64478 64502->64482 64503->64482 64505 7ff7a0c3084c 64504->64505 64510 7ff7a0c30879 64504->64510 64506 7ff7a0c30881 64505->64506 64507 7ff7a0c30856 64505->64507 64505->64510 64511 7ff7a0c3076c 64506->64511 64518 7ff7a0c3a814 37 API calls 2 library calls 64507->64518 64510->64497 64519 7ff7a0c3546c EnterCriticalSection 64511->64519 64513 7ff7a0c30789 64514 7ff7a0c307ac 74 API calls 64513->64514 64515 7ff7a0c30792 64514->64515 64516 7ff7a0c35478 _fread_nolock LeaveCriticalSection 64515->64516 64517 7ff7a0c3079d 64516->64517 64517->64510 64518->64510 64520->64176 64522 7ff7a0c349de 64521->64522 64523 7ff7a0c34a03 64522->64523 64525 7ff7a0c34a3f 64522->64525 64539 7ff7a0c3a814 37 API calls 2 library calls 64523->64539 64540 7ff7a0c32c10 49 API calls _invalid_parameter_noinfo 64525->64540 64527 7ff7a0c34a2d 64528 7ff7a0c2c550 _log10_special 8 API calls 64527->64528 64531 7ff7a0c21cc8 64528->64531 64530 7ff7a0c34ad6 64532 7ff7a0c34b40 64530->64532 64533 7ff7a0c34ae8 64530->64533 64534 7ff7a0c34b1c 64530->64534 64538 7ff7a0c34af1 64530->64538 64531->63935 64532->64534 64535 7ff7a0c34b4a 64532->64535 64533->64534 64533->64538 64543 7ff7a0c3a948 11 API calls 2 library calls 64534->64543 64542 7ff7a0c3a948 11 API calls 2 library calls 64535->64542 64541 7ff7a0c3a948 11 API calls 2 library calls 64538->64541 64539->64527 64540->64530 64541->64527 64542->64527 64543->64527 64545 7ff7a0c35ec8 64544->64545 64546 7ff7a0c35eee 64545->64546 64549 7ff7a0c35f21 64545->64549 64575 7ff7a0c34f08 11 API calls _set_fmode 64546->64575 64548 7ff7a0c35ef3 64576 7ff7a0c3a8e0 37 API calls _invalid_parameter_noinfo 64548->64576 64551 7ff7a0c35f27 64549->64551 64552 7ff7a0c35f34 64549->64552 64577 7ff7a0c34f08 11 API calls _set_fmode 64551->64577 64563 7ff7a0c3ac28 64552->64563 64555 7ff7a0c24616 64555->64190 64557 7ff7a0c35f48 64578 7ff7a0c34f08 11 API calls _set_fmode 64557->64578 64558 7ff7a0c35f55 64570 7ff7a0c3fecc 64558->64570 64561 7ff7a0c35f68 64579 7ff7a0c35478 LeaveCriticalSection 64561->64579 64580 7ff7a0c402d8 EnterCriticalSection 64563->64580 64565 7ff7a0c3ac3f 64566 7ff7a0c3ac9c 19 API calls 64565->64566 64567 7ff7a0c3ac4a 64566->64567 64568 7ff7a0c40338 _isindst LeaveCriticalSection 64567->64568 64569 7ff7a0c35f3e 64568->64569 64569->64557 64569->64558 64581 7ff7a0c3fbc8 64570->64581 64573 7ff7a0c3ff26 64573->64561 64575->64548 64576->64555 64577->64555 64578->64555 64586 7ff7a0c3fc03 __vcrt_InitializeCriticalSectionEx 64581->64586 64583 7ff7a0c3fea1 64600 7ff7a0c3a8e0 37 API calls _invalid_parameter_noinfo 64583->64600 64585 7ff7a0c3fdd3 64585->64573 64593 7ff7a0c46d54 64585->64593 64586->64586 64591 7ff7a0c3fdca 64586->64591 64596 7ff7a0c37a3c 51 API calls 3 library calls 64586->64596 64588 7ff7a0c3fe35 64588->64591 64597 7ff7a0c37a3c 51 API calls 3 library calls 64588->64597 64590 7ff7a0c3fe54 64590->64591 64598 7ff7a0c37a3c 51 API calls 3 library calls 64590->64598 64591->64585 64599 7ff7a0c34f08 11 API calls _set_fmode 64591->64599 64601 7ff7a0c46354 64593->64601 64596->64588 64597->64590 64598->64591 64599->64583 64600->64585 64602 7ff7a0c46389 64601->64602 64603 7ff7a0c4636b 64601->64603 64602->64603 64605 7ff7a0c463a5 64602->64605 64655 7ff7a0c34f08 11 API calls _set_fmode 64603->64655 64612 7ff7a0c46964 64605->64612 64606 7ff7a0c46370 64656 7ff7a0c3a8e0 37 API calls _invalid_parameter_noinfo 64606->64656 64610 7ff7a0c4637c 64610->64573 64658 7ff7a0c46698 64612->64658 64615 7ff7a0c469d9 64690 7ff7a0c34ee8 11 API calls _set_fmode 64615->64690 64616 7ff7a0c469f1 64678 7ff7a0c38520 64616->64678 64635 7ff7a0c469de 64691 7ff7a0c34f08 11 API calls _set_fmode 64635->64691 64648 7ff7a0c463d0 64648->64610 64657 7ff7a0c384f8 LeaveCriticalSection 64648->64657 64655->64606 64656->64610 64659 7ff7a0c466c4 64658->64659 64666 7ff7a0c466de 64658->64666 64659->64666 64703 7ff7a0c34f08 11 API calls _set_fmode 64659->64703 64661 7ff7a0c466d3 64704 7ff7a0c3a8e0 37 API calls _invalid_parameter_noinfo 64661->64704 64663 7ff7a0c467ad 64674 7ff7a0c4680a 64663->64674 64709 7ff7a0c39b78 37 API calls 2 library calls 64663->64709 64664 7ff7a0c4675c 64664->64663 64707 7ff7a0c34f08 11 API calls _set_fmode 64664->64707 64666->64664 64705 7ff7a0c34f08 11 API calls _set_fmode 64666->64705 64668 7ff7a0c46806 64671 7ff7a0c46888 64668->64671 64668->64674 64670 7ff7a0c467a2 64708 7ff7a0c3a8e0 37 API calls _invalid_parameter_noinfo 64670->64708 64710 7ff7a0c3a900 17 API calls __FrameHandler3::FrameUnwindToEmptyState 64671->64710 64672 7ff7a0c46751 64706 7ff7a0c3a8e0 37 API calls _invalid_parameter_noinfo 64672->64706 64674->64615 64674->64616 64711 7ff7a0c402d8 EnterCriticalSection 64678->64711 64690->64635 64691->64648 64703->64661 64704->64666 64705->64672 64706->64664 64707->64670 64708->64663 64709->64668 64713 7ff7a0c378f8 64712->64713 64716 7ff7a0c373d4 64713->64716 64715 7ff7a0c37911 64715->64200 64717 7ff7a0c3741e 64716->64717 64718 7ff7a0c373ef 64716->64718 64726 7ff7a0c3546c EnterCriticalSection 64717->64726 64727 7ff7a0c3a814 37 API calls 2 library calls 64718->64727 64721 7ff7a0c37423 64722 7ff7a0c37440 38 API calls 64721->64722 64723 7ff7a0c3742f 64722->64723 64724 7ff7a0c35478 _fread_nolock LeaveCriticalSection 64723->64724 64725 7ff7a0c3740f 64724->64725 64725->64715 64727->64725 64729 7ff7a0c2fe71 64728->64729 64730 7ff7a0c2fe43 64728->64730 64737 7ff7a0c2fe63 64729->64737 64738 7ff7a0c3546c EnterCriticalSection 64729->64738 64739 7ff7a0c3a814 37 API calls 2 library calls 64730->64739 64733 7ff7a0c2fe88 64734 7ff7a0c2fea4 72 API calls 64733->64734 64735 7ff7a0c2fe94 64734->64735 64736 7ff7a0c35478 _fread_nolock LeaveCriticalSection 64735->64736 64736->64737 64737->64204 64739->64737 64740->64221 64742 7ff7a0c22fe0 64743 7ff7a0c22ff0 64742->64743 64744 7ff7a0c2302b 64743->64744 64745 7ff7a0c23041 64743->64745 64770 7ff7a0c22710 54 API calls _log10_special 64744->64770 64748 7ff7a0c23061 64745->64748 64758 7ff7a0c23077 __std_exception_destroy 64745->64758 64747 7ff7a0c23037 __std_exception_destroy 64749 7ff7a0c2c550 _log10_special 8 API calls 64747->64749 64771 7ff7a0c22710 54 API calls _log10_special 64748->64771 64751 7ff7a0c231fa 64749->64751 64752 7ff7a0c21470 116 API calls 64752->64758 64753 7ff7a0c23349 64778 7ff7a0c22710 54 API calls _log10_special 64753->64778 64754 7ff7a0c21c80 49 API calls 64754->64758 64756 7ff7a0c23333 64777 7ff7a0c22710 54 API calls _log10_special 64756->64777 64758->64747 64758->64752 64758->64753 64758->64754 64758->64756 64759 7ff7a0c2330d 64758->64759 64761 7ff7a0c23207 64758->64761 64776 7ff7a0c22710 54 API calls _log10_special 64759->64776 64762 7ff7a0c23273 64761->64762 64772 7ff7a0c3a404 37 API calls 2 library calls 64761->64772 64764 7ff7a0c2329e 64762->64764 64765 7ff7a0c23290 64762->64765 64774 7ff7a0c22dd0 37 API calls 64764->64774 64773 7ff7a0c3a404 37 API calls 2 library calls 64765->64773 64768 7ff7a0c2329c 64775 7ff7a0c22500 54 API calls __std_exception_destroy 64768->64775 64770->64747 64771->64747 64772->64762 64773->64768 64774->64768 64775->64747 64776->64747 64777->64747 64778->64747 64779 7ff7a0c39961 64791 7ff7a0c3a3d8 64779->64791 64781 7ff7a0c39966 64782 7ff7a0c399d7 64781->64782 64783 7ff7a0c3998d GetModuleHandleW 64781->64783 64784 7ff7a0c39864 11 API calls 64782->64784 64783->64782 64789 7ff7a0c3999a 64783->64789 64786 7ff7a0c39a13 64784->64786 64785 7ff7a0c39a1a 64786->64785 64787 7ff7a0c39a30 11 API calls 64786->64787 64788 7ff7a0c39a2c 64787->64788 64789->64782 64790 7ff7a0c39a88 GetModuleHandleExW GetProcAddress FreeLibrary 64789->64790 64790->64782 64796 7ff7a0c3b150 45 API calls 3 library calls 64791->64796 64793 7ff7a0c3a3e1 64797 7ff7a0c3a504 45 API calls __FrameHandler3::FrameUnwindToEmptyState 64793->64797 64796->64793 64798 7ff8a8e20d10 64799 7ff8a8e20d41 64798->64799 64800 7ff8a8e20d3c 64798->64800 64802 7ff8a8e20e44 64799->64802 64805 7ff8a8e20e31 64799->64805 64809 7ff8a8e20e48 64799->64809 64815 7ff8a8e5e170 13 API calls new[] 64799->64815 64811 7ff8a8e44960 64800->64811 64803 7ff8a8e20e8a 64802->64803 64804 7ff8a8e20ea0 64802->64804 64802->64809 64817 7ff8a8dca500 12 API calls 64803->64817 64818 7ff8a8dca500 12 API calls 64804->64818 64805->64802 64816 7ff8a8e5ffc0 16 API calls new[] 64805->64816 64812 7ff8a8e44979 64811->64812 64814 7ff8a8e44985 64811->64814 64819 7ff8a8e44890 64812->64819 64814->64799 64815->64805 64816->64802 64817->64809 64818->64809 64820 7ff8a8e448ca 64819->64820 64822 7ff8a8e448da 64819->64822 64825 7ff8a8e443d0 64820->64825 64823 7ff8a8e4492d 64822->64823 64824 7ff8a8e443d0 69 API calls 64822->64824 64823->64814 64824->64822 64849 7ff8a8e440d0 64825->64849 64827 7ff8a8e444ba 64831 7ff8a8ef2900 8 API calls 64827->64831 64828 7ff8a8e4485b 64895 7ff8a8e21280 13 API calls 64828->64895 64833 7ff8a8e4487b 64831->64833 64832 7ff8a8e4448c 64832->64827 64837 7ff8a8e4455e 64832->64837 64838 7ff8a8e44578 64832->64838 64880 7ff8a8de3790 64832->64880 64833->64822 64835 7ff8a8e44514 64836 7ff8a8e4451a 64835->64836 64835->64838 64836->64837 64839 7ff8a8e4454f memcpy 64836->64839 64837->64827 64837->64828 64894 7ff8a8dc6c40 12 API calls 64837->64894 64844 7ff8a8e44601 64838->64844 64889 7ff8a8dc9170 12 API calls 64838->64889 64839->64837 64841 7ff8a8e4477b 64890 7ff8a8e3cf30 58 API calls new[] 64841->64890 64844->64837 64893 7ff8a8de4b80 37 API calls 64844->64893 64845 7ff8a8e447a7 64846 7ff8a8e447d5 64845->64846 64891 7ff8a8e1e490 59 API calls 64845->64891 64846->64844 64892 7ff8a8e21310 13 API calls 64846->64892 64850 7ff8a8e44384 64849->64850 64851 7ff8a8e440f2 64849->64851 64850->64832 64852 7ff8a8e440fb 64851->64852 64853 7ff8a8e44113 64851->64853 64896 7ff8a8e43fc0 12 API calls 64852->64896 64856 7ff8a8e44303 64853->64856 64859 7ff8a8e44152 64853->64859 64855 7ff8a8e44106 64855->64832 64856->64850 64935 7ff8a8e43fc0 12 API calls 64856->64935 64858 7ff8a8e441a4 64898 7ff8a8e44c70 memset 64858->64898 64859->64858 64897 7ff8a8e43fc0 12 API calls 64859->64897 64863 7ff8a8e44213 64863->64850 64864 7ff8a8e44258 64863->64864 64870 7ff8a8e442a2 64863->64870 64933 7ff8a8dc9340 12 API calls 64864->64933 64866 7ff8a8e4420b 64930 7ff8a8dc6c40 12 API calls 64866->64930 64867 7ff8a8e44215 64867->64863 64931 7ff8a8e83ba0 16 API calls 64867->64931 64868 7ff8a8e44269 64934 7ff8a8dc9340 12 API calls 64868->64934 64871 7ff8a8df5950 41 API calls 64870->64871 64877 7ff8a8e442ce 64871->64877 64874 7ff8a8e44293 64874->64832 64875 7ff8a8e44226 64932 7ff8a8e43fc0 12 API calls 64875->64932 64878 7ff8a8e822e0 39 API calls 64877->64878 64879 7ff8a8e442f4 64878->64879 64879->64832 64882 7ff8a8de37c7 64880->64882 64881 7ff8a8de3829 64881->64835 64882->64881 64883 7ff8a8de39e5 64882->64883 64981 7ff8a8de3370 64882->64981 64992 7ff8a8dda650 10 API calls 64882->64992 64993 7ff8a8de36c0 memset 64882->64993 64994 7ff8a8dd7270 24 API calls 64882->64994 64883->64881 64995 7ff8a8ddb2b0 14 API calls new[] 64883->64995 64889->64841 64890->64845 64891->64846 64892->64844 64893->64837 64894->64828 64895->64827 64896->64855 64897->64858 64899 7ff8a8e44d43 64898->64899 64900 7ff8a8e44d5f 64899->64900 64910 7ff8a8e44d7d 64899->64910 64954 7ff8a8dca500 12 API calls 64900->64954 64903 7ff8a8e44f3b 64936 7ff8a8e7fc80 64903->64936 64904 7ff8a8e451f6 64908 7ff8a8ef2900 8 API calls 64904->64908 64905 7ff8a8e44eaa 64909 7ff8a8e44eb3 64905->64909 64914 7ff8a8e44edb 64905->64914 64906 7ff8a8e44e77 64906->64903 64906->64905 64912 7ff8a8e441e2 64908->64912 64956 7ff8a8dca370 17 API calls 64909->64956 64910->64906 64920 7ff8a8e44e52 64910->64920 64911 7ff8a8e44f14 64924 7ff8a8e44fa5 memcpy 64911->64924 64926 7ff8a8e44fba 64911->64926 64912->64863 64912->64866 64912->64867 64914->64911 64916 7ff8a8e44ef4 memcpy 64914->64916 64915 7ff8a8e44fce 64918 7ff8a8e45125 64915->64918 64960 7ff8a8df59e0 41 API calls 64915->64960 64917 7ff8a8e7fc80 12 API calls 64916->64917 64917->64911 64921 7ff8a8e44d70 64918->64921 64961 7ff8a8dca370 17 API calls 64918->64961 64955 7ff8a8dca370 17 API calls 64920->64955 64962 7ff8a8e449c0 12 API calls 64921->64962 64924->64926 64925 7ff8a8de3790 33 API calls 64925->64926 64926->64915 64926->64921 64926->64925 64957 7ff8a8dc6c40 12 API calls 64926->64957 64958 7ff8a8e21280 13 API calls 64926->64958 64959 7ff8a8de4b80 37 API calls 64926->64959 64930->64863 64931->64875 64932->64863 64933->64868 64934->64874 64935->64850 64950 7ff8a8e7fcd1 64936->64950 64938 7ff8a8e800f0 64975 7ff8a8dc9340 12 API calls 64938->64975 64940 7ff8a8e80099 64973 7ff8a8dca500 12 API calls 64940->64973 64941 7ff8a8e8010d 64945 7ff8a8e21740 12 API calls 64941->64945 64946 7ff8a8e801ae 64941->64946 64943 7ff8a8e7ffde 64943->64938 64943->64941 64974 7ff8a8dc9170 12 API calls 64943->64974 64945->64946 64952 7ff8a8e80207 64946->64952 64976 7ff8a8e55d70 12 API calls 64946->64976 64947 7ff8a8ef2900 8 API calls 64949 7ff8a8e80250 64947->64949 64949->64911 64950->64940 64950->64943 64963 7ff8a8e7f0f0 64950->64963 64951 7ff8a8e801d5 64951->64952 64977 7ff8a8e0d150 12 API calls 64951->64977 64952->64947 64954->64921 64955->64921 64956->64921 64957->64926 64958->64926 64959->64926 64960->64918 64961->64921 64962->64904 64964 7ff8a8e7f133 64963->64964 64965 7ff8a8e7f24d 64964->64965 64966 7ff8a8e7f20b 64964->64966 64968 7ff8a8e7f293 64965->64968 64969 7ff8a8e7f280 64965->64969 64972 7ff8a8e7f229 64965->64972 64966->64972 64978 7ff8a8e7c2c0 12 API calls 64966->64978 64980 7ff8a8dca500 12 API calls 64968->64980 64979 7ff8a8dca500 12 API calls 64969->64979 64972->64950 64973->64943 64974->64938 64975->64941 64976->64951 64977->64952 64978->64972 64979->64972 64980->64972 64996 7ff8a8dd9d00 64981->64996 64984 7ff8a8de355d 64989 7ff8a8de34a4 64984->64989 65039 7ff8a8dd7270 24 API calls 64984->65039 64988 7ff8a8de3493 64988->64984 64988->64989 65038 7ff8a8e85aa0 12 API calls 64988->65038 64989->64882 64992->64882 64993->64882 64994->64882 64995->64881 65002 7ff8a8dd9fb9 64996->65002 65004 7ff8a8dd9d30 64996->65004 64997 7ff8a8dd9dce 65000 7ff8a8ef2900 8 API calls 64997->65000 64998 7ff8a8dda05e 64998->64997 65045 7ff8a8dd6c90 memset 64998->65045 65001 7ff8a8dda0b9 65000->65001 65001->64989 65016 7ff8a8dda0d0 65001->65016 65002->64998 65003 7ff8a8dd42a0 memset 65002->65003 65003->64998 65004->64998 65004->65002 65005 7ff8a8dd9dc1 65004->65005 65007 7ff8a8dd9ef8 65004->65007 65012 7ff8a8dd9dd3 65004->65012 65040 7ff8a8dd6c90 memset 65005->65040 65007->64998 65007->65002 65044 7ff8a8ddb9d0 13 API calls 65007->65044 65008 7ff8a8dd9ec5 65008->65007 65010 7ff8a8dd9ee4 65008->65010 65009 7ff8a8dd9e82 65009->65008 65009->65010 65042 7ff8a8dd7c90 19 API calls 65009->65042 65043 7ff8a8dd6c90 memset 65010->65043 65012->64998 65012->65009 65041 7ff8a8e85ae0 12 API calls 65012->65041 65017 7ff8a8dda125 65016->65017 65018 7ff8a8dda0f2 65016->65018 65046 7ff8a8dd50b0 65017->65046 65052 7ff8a8dc9340 12 API calls 65018->65052 65020 7ff8a8dda144 65021 7ff8a8dda11e 65020->65021 65022 7ff8a8dda2a0 65020->65022 65023 7ff8a8dda248 65020->65023 65031 7ff8a8dda15d 65020->65031 65021->64984 65021->64988 65021->64989 65037 7ff8a8ddb9d0 13 API calls 65021->65037 65025 7ff8a8dda2ce 65022->65025 65027 7ff8a8dda2b8 65022->65027 65053 7ff8a8dc9340 12 API calls 65023->65053 65029 7ff8a8dda2ea 65025->65029 65025->65031 65055 7ff8a8dd8050 15 API calls 65027->65055 65028 7ff8a8dda325 memset 65028->65021 65029->65028 65032 7ff8a8dda30d 65029->65032 65056 7ff8a8dd3380 14 API calls new[] 65029->65056 65031->65021 65054 7ff8a8dd7270 24 API calls 65031->65054 65057 7ff8a8dd6930 16 API calls new[] 65032->65057 65035 7ff8a8dda317 65035->65028 65037->64988 65038->64984 65039->64989 65040->64997 65041->65009 65042->65008 65043->64997 65044->65002 65045->64997 65047 7ff8a8dd50ff 65046->65047 65050 7ff8a8dd513b 65047->65050 65051 7ff8a8dd5127 65047->65051 65067 7ff8a8dd49f0 13 API calls new[] 65047->65067 65050->65051 65058 7ff8a8dd4820 65050->65058 65051->65020 65052->65021 65053->65031 65054->65021 65055->65031 65056->65032 65057->65035 65062 7ff8a8dd4939 65058->65062 65063 7ff8a8dd4848 65058->65063 65059 7ff8a8dd493e 65069 7ff8a8dd45b0 12 API calls new[] 65059->65069 65060 7ff8a8dd492f 65068 7ff8a8dd45b0 12 API calls new[] 65060->65068 65062->65051 65065 7ff8a8dc6180 new[] 12 API calls 65063->65065 65066 7ff8a8dd48b6 65063->65066 65065->65066 65066->65059 65066->65060 65066->65062 65067->65050 65068->65062 65069->65062 65070 7ff7a0c2bae0 65071 7ff7a0c2bb0e 65070->65071 65072 7ff7a0c2baf5 65070->65072 65072->65071 65075 7ff7a0c3d5fc 65072->65075 65076 7ff7a0c3d647 65075->65076 65081 7ff7a0c3d60b _set_fmode 65075->65081 65083 7ff7a0c34f08 11 API calls _set_fmode 65076->65083 65078 7ff7a0c3d62e HeapAlloc 65079 7ff7a0c2bb6e 65078->65079 65078->65081 65081->65076 65081->65078 65082 7ff7a0c43590 EnterCriticalSection LeaveCriticalSection _set_fmode 65081->65082 65082->65081 65083->65079 65084 7ff8a8e45220 65085 7ff8a8e452ae 65084->65085 65087 7ff8a8e45258 65084->65087 65086 7ff8a8e452d0 65085->65086 65085->65087 65088 7ff8a8e45270 65086->65088 65093 7ff8a8e452d5 65086->65093 65096 7ff8a8dc9340 12 API calls 65087->65096 65097 7ff8a8dc9340 12 API calls 65088->65097 65091 7ff8a8e4529a 65092 7ff8a8e44c70 55 API calls 65092->65093 65093->65092 65094 7ff8a8e453cd 65093->65094 65095 7ff8a8e2b040 13 API calls 65093->65095 65095->65093 65096->65088 65097->65091

                                                                                                                                                                                                                                                                                                            Executed Functions

                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C21000 Relevance: 61.8, APIs: 7, Strings: 28, Instructions: 511COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                                                            control_flow_graph 0 7ff7a0c21000-7ff7a0c23806 call 7ff7a0c2fe18 call 7ff7a0c2fe20 call 7ff7a0c2c850 call 7ff7a0c353f0 call 7ff7a0c35484 call 7ff7a0c236b0 14 7ff7a0c23808-7ff7a0c2380f 0->14 15 7ff7a0c23814-7ff7a0c23836 call 7ff7a0c21950 0->15 16 7ff7a0c23c97-7ff7a0c23cb2 call 7ff7a0c2c550 14->16 21 7ff7a0c2383c-7ff7a0c23856 call 7ff7a0c21c80 15->21 22 7ff7a0c2391b-7ff7a0c23931 call 7ff7a0c245c0 15->22 26 7ff7a0c2385b-7ff7a0c2389b call 7ff7a0c28830 21->26 28 7ff7a0c2396a-7ff7a0c2397f call 7ff7a0c22710 22->28 29 7ff7a0c23933-7ff7a0c23960 call 7ff7a0c27f90 22->29 33 7ff7a0c2389d-7ff7a0c238a3 26->33 34 7ff7a0c238c1-7ff7a0c238cc call 7ff7a0c34f30 26->34 42 7ff7a0c23c8f 28->42 40 7ff7a0c23962-7ff7a0c23965 call 7ff7a0c3004c 29->40 41 7ff7a0c23984-7ff7a0c239a6 call 7ff7a0c21c80 29->41 37 7ff7a0c238af-7ff7a0c238bd call 7ff7a0c289a0 33->37 38 7ff7a0c238a5-7ff7a0c238ad 33->38 49 7ff7a0c239fc-7ff7a0c23a2a call 7ff7a0c28940 call 7ff7a0c289a0 * 3 34->49 50 7ff7a0c238d2-7ff7a0c238e1 call 7ff7a0c28830 34->50 37->34 38->37 40->28 51 7ff7a0c239b0-7ff7a0c239b9 41->51 42->16 75 7ff7a0c23a2f-7ff7a0c23a3e call 7ff7a0c28830 49->75 58 7ff7a0c238e7-7ff7a0c238ed 50->58 59 7ff7a0c239f4-7ff7a0c239f7 call 7ff7a0c34f30 50->59 51->51 54 7ff7a0c239bb-7ff7a0c239d8 call 7ff7a0c21950 51->54 54->26 66 7ff7a0c239de-7ff7a0c239ef call 7ff7a0c22710 54->66 63 7ff7a0c238f0-7ff7a0c238fc 58->63 59->49 67 7ff7a0c238fe-7ff7a0c23903 63->67 68 7ff7a0c23905-7ff7a0c23908 63->68 66->42 67->63 67->68 68->59 70 7ff7a0c2390e-7ff7a0c23916 call 7ff7a0c34f30 68->70 70->75 79 7ff7a0c23a44-7ff7a0c23a47 75->79 80 7ff7a0c23b45-7ff7a0c23b53 75->80 79->80 83 7ff7a0c23a4d-7ff7a0c23a50 79->83 81 7ff7a0c23a67 80->81 82 7ff7a0c23b59-7ff7a0c23b5d 80->82 84 7ff7a0c23a6b-7ff7a0c23a90 call 7ff7a0c34f30 81->84 82->84 85 7ff7a0c23b14-7ff7a0c23b17 83->85 86 7ff7a0c23a56-7ff7a0c23a5a 83->86 95 7ff7a0c23aab-7ff7a0c23ac0 84->95 96 7ff7a0c23a92-7ff7a0c23aa6 call 7ff7a0c28940 84->96 88 7ff7a0c23b19-7ff7a0c23b1d 85->88 89 7ff7a0c23b2f-7ff7a0c23b40 call 7ff7a0c22710 85->89 86->85 87 7ff7a0c23a60 86->87 87->81 88->89 91 7ff7a0c23b1f-7ff7a0c23b2a 88->91 99 7ff7a0c23c7f-7ff7a0c23c87 89->99 91->84 97 7ff7a0c23be8-7ff7a0c23bfa call 7ff7a0c28830 95->97 98 7ff7a0c23ac6-7ff7a0c23aca 95->98 96->95 107 7ff7a0c23bfc-7ff7a0c23c02 97->107 108 7ff7a0c23c2e 97->108 102 7ff7a0c23bcd-7ff7a0c23be2 call 7ff7a0c21940 98->102 103 7ff7a0c23ad0-7ff7a0c23ae8 call 7ff7a0c35250 98->103 99->42 102->97 102->98 113 7ff7a0c23aea-7ff7a0c23b02 call 7ff7a0c35250 103->113 114 7ff7a0c23b62-7ff7a0c23b7a call 7ff7a0c35250 103->114 111 7ff7a0c23c1e-7ff7a0c23c2c 107->111 112 7ff7a0c23c04-7ff7a0c23c1c 107->112 115 7ff7a0c23c31-7ff7a0c23c40 call 7ff7a0c34f30 108->115 111->115 112->115 113->102 124 7ff7a0c23b08-7ff7a0c23b0f 113->124 122 7ff7a0c23b87-7ff7a0c23b9f call 7ff7a0c35250 114->122 123 7ff7a0c23b7c-7ff7a0c23b80 114->123 125 7ff7a0c23d41-7ff7a0c23d63 call 7ff7a0c244e0 115->125 126 7ff7a0c23c46-7ff7a0c23c4a 115->126 135 7ff7a0c23bac-7ff7a0c23bc4 call 7ff7a0c35250 122->135 136 7ff7a0c23ba1-7ff7a0c23ba5 122->136 123->122 124->102 139 7ff7a0c23d71-7ff7a0c23d82 call 7ff7a0c21c80 125->139 140 7ff7a0c23d65-7ff7a0c23d6f call 7ff7a0c24630 125->140 128 7ff7a0c23c50-7ff7a0c23c5f call 7ff7a0c290e0 126->128 129 7ff7a0c23cd4-7ff7a0c23ce6 call 7ff7a0c28830 126->129 144 7ff7a0c23c61 128->144 145 7ff7a0c23cb3-7ff7a0c23cbd call 7ff7a0c28660 128->145 146 7ff7a0c23ce8-7ff7a0c23ceb 129->146 147 7ff7a0c23d35-7ff7a0c23d3c 129->147 135->102 159 7ff7a0c23bc6 135->159 136->135 150 7ff7a0c23d87-7ff7a0c23d96 139->150 140->150 153 7ff7a0c23c68 call 7ff7a0c22710 144->153 164 7ff7a0c23cc8-7ff7a0c23ccf 145->164 165 7ff7a0c23cbf-7ff7a0c23cc6 145->165 146->147 148 7ff7a0c23ced-7ff7a0c23d10 call 7ff7a0c21c80 146->148 147->153 166 7ff7a0c23d2b-7ff7a0c23d33 call 7ff7a0c34f30 148->166 167 7ff7a0c23d12-7ff7a0c23d26 call 7ff7a0c22710 call 7ff7a0c34f30 148->167 156 7ff7a0c23d98-7ff7a0c23d9f 150->156 157 7ff7a0c23dc4-7ff7a0c23dda call 7ff7a0c29390 150->157 160 7ff7a0c23c6d-7ff7a0c23c77 153->160 156->157 162 7ff7a0c23da1-7ff7a0c23da5 156->162 172 7ff7a0c23de8-7ff7a0c23e04 SetDllDirectoryW 157->172 173 7ff7a0c23ddc 157->173 159->102 160->99 162->157 168 7ff7a0c23da7-7ff7a0c23dbe SetDllDirectoryW LoadLibraryExW 162->168 164->150 165->153 166->150 167->160 168->157 176 7ff7a0c23e0a-7ff7a0c23e19 call 7ff7a0c28830 172->176 177 7ff7a0c23f01-7ff7a0c23f08 172->177 173->172 187 7ff7a0c23e1b-7ff7a0c23e21 176->187 188 7ff7a0c23e32-7ff7a0c23e3c call 7ff7a0c34f30 176->188 179 7ff7a0c24008-7ff7a0c24010 177->179 180 7ff7a0c23f0e-7ff7a0c23f15 177->180 185 7ff7a0c24012-7ff7a0c2402f PostMessageW GetMessageW 179->185 186 7ff7a0c24035-7ff7a0c2404a call 7ff7a0c236a0 call 7ff7a0c23360 call 7ff7a0c23670 179->186 180->179 184 7ff7a0c23f1b-7ff7a0c23f25 call 7ff7a0c233c0 180->184 184->160 198 7ff7a0c23f2b-7ff7a0c23f3f call 7ff7a0c290c0 184->198 185->186 209 7ff7a0c2404f-7ff7a0c24067 call 7ff7a0c26fc0 call 7ff7a0c26d70 186->209 192 7ff7a0c23e2d-7ff7a0c23e2f 187->192 193 7ff7a0c23e23-7ff7a0c23e2b 187->193 200 7ff7a0c23ef2-7ff7a0c23efc call 7ff7a0c28940 188->200 201 7ff7a0c23e42-7ff7a0c23e48 188->201 192->188 193->192 207 7ff7a0c23f41-7ff7a0c23f5e PostMessageW GetMessageW 198->207 208 7ff7a0c23f64-7ff7a0c23fa7 call 7ff7a0c28940 call 7ff7a0c289e0 call 7ff7a0c26fc0 call 7ff7a0c26d70 call 7ff7a0c288e0 198->208 200->177 201->200 205 7ff7a0c23e4e-7ff7a0c23e54 201->205 210 7ff7a0c23e5f-7ff7a0c23e61 205->210 211 7ff7a0c23e56-7ff7a0c23e58 205->211 207->208 249 7ff7a0c23fa9-7ff7a0c23fbf call 7ff7a0c28ed0 call 7ff7a0c288e0 208->249 250 7ff7a0c23ff5-7ff7a0c24003 call 7ff7a0c21900 208->250 210->177 214 7ff7a0c23e67-7ff7a0c23e83 call 7ff7a0c26dc0 call 7ff7a0c27340 210->214 211->214 215 7ff7a0c23e5a 211->215 227 7ff7a0c23e8e-7ff7a0c23e95 214->227 228 7ff7a0c23e85-7ff7a0c23e8c 214->228 215->177 231 7ff7a0c23e97-7ff7a0c23ea4 call 7ff7a0c26e00 227->231 232 7ff7a0c23eaf-7ff7a0c23eb9 call 7ff7a0c271b0 227->232 230 7ff7a0c23edb-7ff7a0c23ef0 call 7ff7a0c22a50 call 7ff7a0c26fc0 call 7ff7a0c26d70 228->230 230->177 231->232 243 7ff7a0c23ea6-7ff7a0c23ead 231->243 244 7ff7a0c23ebb-7ff7a0c23ec2 232->244 245 7ff7a0c23ec4-7ff7a0c23ed2 call 7ff7a0c274f0 232->245 243->230 244->230 245->177 257 7ff7a0c23ed4 245->257 249->250 261 7ff7a0c23fc1-7ff7a0c23fd6 249->261 250->160 257->230 262 7ff7a0c23fd8-7ff7a0c23feb call 7ff7a0c22710 call 7ff7a0c21900 261->262 263 7ff7a0c23ff0 call 7ff7a0c22a50 261->263 262->160 263->250
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: ErrorFileLastModuleName
                                                                                                                                                                                                                                                                                                            • String ID: Could not create temporary directory!$Could not load PyInstaller's embedded PKG archive from the executable (%s)$Could not side-load PyInstaller's PKG archive from external file (%s)$Failed to convert DLL search path!$Failed to initialize security descriptor for temporary directory!$Failed to load Tcl/Tk shared libraries for splash screen!$Failed to load splash screen resources!$Failed to remove temporary directory: %s$Failed to start splash screen!$Failed to unpack splash screen dependencies from PKG archive!$Invalid value in _PYI_PARENT_PROCESS_LEVEL: %s$MEI$PYINSTALLER_RESET_ENVIRONMENT$PYINSTALLER_STRICT_UNPACK_MODE$PYINSTALLER_SUPPRESS_SPLASH_SCREEN$Path exceeds PYI_PATH_MAX limit.$Py_GIL_DISABLED$VCRUNTIME140.dll$_PYI_APPLICATION_HOME_DIR$_PYI_APPLICATION_HOME_DIR not set for onefile child process!$_PYI_ARCHIVE_FILE$_PYI_PARENT_PROCESS_LEVEL$_PYI_SPLASH_IPC$pkg$pyi-contents-directory$pyi-disable-windowed-traceback$pyi-python-flag$pyi-runtime-tmpdir
                                                                                                                                                                                                                                                                                                            • API String ID: 2776309574-4232158417
                                                                                                                                                                                                                                                                                                            • Opcode ID: d52c1960cc45de78c26c9f57622ace5a14626686e839aa839f1fc42fe00fc1f1
                                                                                                                                                                                                                                                                                                            • Instruction ID: ce62b71419867ac1e93813f7d4488f789b4c68764a94113aeaf48454821278f3
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d52c1960cc45de78c26c9f57622ace5a14626686e839aa839f1fc42fe00fc1f1
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 89326D21E0A68391FA19BB3594583F9E651AF58780FC64832DA5D42BF6EF3CF558C320
                                                                                                                                                                                                                                                                                                            Function 00007FF8A8DD92B0 Relevance: 14.0, APIs: 6, Strings: 3, Instructions: 513COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                                                            control_flow_graph 393 7ff8a8dd92b0-7ff8a8dd932f 394 7ff8a8dd9335-7ff8a8dd933f 393->394 395 7ff8a8dd948d-7ff8a8dd94a3 393->395 394->395 396 7ff8a8dd9345-7ff8a8dd9348 394->396 397 7ff8a8dd939f-7ff8a8dd93e5 call 7ff8a8dc6180 395->397 398 7ff8a8dd94a9-7ff8a8dd94af 395->398 396->398 399 7ff8a8dd934e 396->399 407 7ff8a8dd9a7e-7ff8a8dd9a81 397->407 408 7ff8a8dd93eb-7ff8a8dd944f memset 397->408 398->397 400 7ff8a8dd94b5-7ff8a8dd94cb call 7ff8a8dc6180 398->400 402 7ff8a8dd9355-7ff8a8dd935e 399->402 412 7ff8a8dd94d1-7ff8a8dd94ec 400->412 413 7ff8a8dd9ade 400->413 402->402 405 7ff8a8dd9360-7ff8a8dd936f call 7ff8a8dc6180 402->405 405->413 425 7ff8a8dd9375-7ff8a8dd938b memcpy 405->425 407->413 414 7ff8a8dd9a83-7ff8a8dd9a8a 407->414 409 7ff8a8dd9455-7ff8a8dd9471 memcpy 408->409 410 7ff8a8dd9778-7ff8a8dd9788 408->410 415 7ff8a8dd9477-7ff8a8dd9488 memcpy 409->415 416 7ff8a8dd962b 409->416 417 7ff8a8dd96cf-7ff8a8dd96f4 410->417 431 7ff8a8dd9506-7ff8a8dd950d 412->431 432 7ff8a8dd94ee-7ff8a8dd94ff 412->432 419 7ff8a8dd9ae3-7ff8a8dd9afa 413->419 420 7ff8a8dd9ad5 414->420 421 7ff8a8dd9a8c-7ff8a8dd9a96 414->421 422 7ff8a8dd962e-7ff8a8dd9677 memcpy * 2 415->422 416->422 423 7ff8a8dd982f 417->423 424 7ff8a8dd96fa-7ff8a8dd96ff 417->424 420->413 427 7ff8a8dd9a9e-7ff8a8dd9acb 421->427 428 7ff8a8dd9a98 421->428 433 7ff8a8dd96cd 422->433 434 7ff8a8dd9679-7ff8a8dd9680 422->434 435 7ff8a8dd9834-7ff8a8dd9842 423->435 424->423 429 7ff8a8dd9705-7ff8a8dd9731 call 7ff8a8dcffd0 424->429 430 7ff8a8dd9390-7ff8a8dd9397 425->430 427->413 458 7ff8a8dd9acd-7ff8a8dd9ad3 427->458 428->427 442 7ff8a8dd9734-7ff8a8dd9754 429->442 430->430 437 7ff8a8dd9399 430->437 438 7ff8a8dd9510-7ff8a8dd9517 431->438 432->431 433->417 439 7ff8a8dd9686-7ff8a8dd9690 434->439 440 7ff8a8dd976a-7ff8a8dd9773 434->440 441 7ff8a8dd9845-7ff8a8dd9848 435->441 437->397 438->438 443 7ff8a8dd9519-7ff8a8dd9520 438->443 444 7ff8a8dd9692 439->444 445 7ff8a8dd9698-7ff8a8dd96c5 439->445 440->433 446 7ff8a8dd984e-7ff8a8dd9869 call 7ff8a8dd8830 441->446 447 7ff8a8dd98fb-7ff8a8dd9905 441->447 452 7ff8a8dd982a-7ff8a8dd982d 442->452 453 7ff8a8dd975a-7ff8a8dd9764 442->453 454 7ff8a8dd9527-7ff8a8dd952e 443->454 444->445 445->433 481 7ff8a8dd96c7 445->481 446->447 465 7ff8a8dd986f-7ff8a8dd98f3 446->465 450 7ff8a8dd9907-7ff8a8dd9910 447->450 451 7ff8a8dd9913-7ff8a8dd9926 call 7ff8a8dd46f0 447->451 450->451 477 7ff8a8dd9a70-7ff8a8dd9a7c 451->477 478 7ff8a8dd992c-7ff8a8dd9936 451->478 452->441 460 7ff8a8dd9766-7ff8a8dd9768 453->460 461 7ff8a8dd978d-7ff8a8dd9790 453->461 454->454 462 7ff8a8dd9530-7ff8a8dd9547 454->462 458->413 468 7ff8a8dd9792-7ff8a8dd979a 460->468 461->468 463 7ff8a8dd9597-7ff8a8dd959e 462->463 464 7ff8a8dd9549 462->464 472 7ff8a8dd95a0-7ff8a8dd95a7 463->472 473 7ff8a8dd95c2-7ff8a8dd95c9 463->473 469 7ff8a8dd9550-7ff8a8dd9557 464->469 490 7ff8a8dd98f5 465->490 491 7ff8a8dd9959-7ff8a8dd995f 465->491 475 7ff8a8dd979c-7ff8a8dd97b0 call 7ff8a8dd7c00 468->475 476 7ff8a8dd97be-7ff8a8dd97d4 call 7ff8a8e86ad0 468->476 479 7ff8a8dd9560-7ff8a8dd9569 469->479 472->397 482 7ff8a8dd95ad-7ff8a8dd95bc call 7ff8a8e85ae0 472->482 484 7ff8a8dd95cb-7ff8a8dd95d5 473->484 485 7ff8a8dd961a 473->485 475->476 499 7ff8a8dd97b2-7ff8a8dd97b7 475->499 500 7ff8a8dd97d6-7ff8a8dd97eb call 7ff8a8e3df90 476->500 501 7ff8a8dd97ed 476->501 477->419 487 7ff8a8dd993e-7ff8a8dd9951 478->487 488 7ff8a8dd9938 478->488 479->479 489 7ff8a8dd956b-7ff8a8dd9579 479->489 481->433 482->397 482->473 495 7ff8a8dd95d7 484->495 496 7ff8a8dd95dd-7ff8a8dd960a 484->496 498 7ff8a8dd9623-7ff8a8dd9626 485->498 487->491 488->487 503 7ff8a8dd9580-7ff8a8dd9589 489->503 490->447 504 7ff8a8dd9961-7ff8a8dd9984 491->504 505 7ff8a8dd9988-7ff8a8dd9998 491->505 495->496 496->498 519 7ff8a8dd960c-7ff8a8dd9615 496->519 498->419 499->476 508 7ff8a8dd97ef-7ff8a8dd97f4 500->508 501->508 503->503 509 7ff8a8dd958b-7ff8a8dd9595 503->509 504->505 517 7ff8a8dd99a0-7ff8a8dd99d1 505->517 518 7ff8a8dd999a 505->518 512 7ff8a8dd97f6-7ff8a8dd980c call 7ff8a8e86ad0 508->512 513 7ff8a8dd9822-7ff8a8dd9828 508->513 509->463 509->469 512->452 523 7ff8a8dd980e-7ff8a8dd9820 call 7ff8a8e3df90 512->523 513->435 521 7ff8a8dd99e4-7ff8a8dd99eb 517->521 522 7ff8a8dd99d3-7ff8a8dd99e2 517->522 518->517 519->419 524 7ff8a8dd99ef-7ff8a8dd9a11 call 7ff8a8dd7c00 521->524 522->524 523->452 523->513 530 7ff8a8dd9a13-7ff8a8dd9a17 524->530 531 7ff8a8dd9a19-7ff8a8dd9a1c 524->531 532 7ff8a8dd9a27-7ff8a8dd9a39 530->532 533 7ff8a8dd9a23 531->533 534 7ff8a8dd9a1e-7ff8a8dd9a21 531->534 535 7ff8a8dd9a44-7ff8a8dd9a56 532->535 536 7ff8a8dd9a3b-7ff8a8dd9a42 532->536 533->532 534->532 534->533 537 7ff8a8dd9a5a-7ff8a8dd9a6e 535->537 536->537 537->419
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3019302556.00007FF8A8DC1000.00000020.00000001.01000000.00000015.sdmp, Offset: 00007FF8A8DC0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019234443.00007FF8A8DC0000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019473856.00007FF8A8EF4000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019556538.00007FF8A8F23000.00000004.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019627658.00007FF8A8F28000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a8dc0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: memcpy$memset
                                                                                                                                                                                                                                                                                                            • String ID: -journal$immutable$nolock
                                                                                                                                                                                                                                                                                                            • API String ID: 438689982-4201244970
                                                                                                                                                                                                                                                                                                            • Opcode ID: 95dfc5eb3a2b91b0b05eae05496405c8b320d85879105ed79006f32c0b4f1719
                                                                                                                                                                                                                                                                                                            • Instruction ID: 6b7ff2da34290bba97629f76659fa8ef1b656ba2102cb0d2ac0132c7417d7c7b
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 95dfc5eb3a2b91b0b05eae05496405c8b320d85879105ed79006f32c0b4f1719
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 23327D72A0B682B6EB648F25A44037937A1FB45BE4F044234CA6E477D4EF3DE459C724
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C46964 Relevance: 13.8, APIs: 9, Instructions: 276fileCOMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                                                            control_flow_graph 613 7ff7a0c46964-7ff7a0c469d7 call 7ff7a0c46698 616 7ff7a0c469d9-7ff7a0c469e2 call 7ff7a0c34ee8 613->616 617 7ff7a0c469f1-7ff7a0c469fb call 7ff7a0c38520 613->617 624 7ff7a0c469e5-7ff7a0c469ec call 7ff7a0c34f08 616->624 622 7ff7a0c469fd-7ff7a0c46a14 call 7ff7a0c34ee8 call 7ff7a0c34f08 617->622 623 7ff7a0c46a16-7ff7a0c46a7f CreateFileW 617->623 622->624 626 7ff7a0c46afc-7ff7a0c46b07 GetFileType 623->626 627 7ff7a0c46a81-7ff7a0c46a87 623->627 635 7ff7a0c46d32-7ff7a0c46d52 624->635 630 7ff7a0c46b5a-7ff7a0c46b61 626->630 631 7ff7a0c46b09-7ff7a0c46b44 GetLastError call 7ff7a0c34e7c CloseHandle 626->631 633 7ff7a0c46ac9-7ff7a0c46af7 GetLastError call 7ff7a0c34e7c 627->633 634 7ff7a0c46a89-7ff7a0c46a8d 627->634 638 7ff7a0c46b69-7ff7a0c46b6c 630->638 639 7ff7a0c46b63-7ff7a0c46b67 630->639 631->624 647 7ff7a0c46b4a-7ff7a0c46b55 call 7ff7a0c34f08 631->647 633->624 634->633 640 7ff7a0c46a8f-7ff7a0c46ac7 CreateFileW 634->640 644 7ff7a0c46b72-7ff7a0c46bc7 call 7ff7a0c38438 638->644 645 7ff7a0c46b6e 638->645 639->644 640->626 640->633 652 7ff7a0c46bc9-7ff7a0c46bd5 call 7ff7a0c468a0 644->652 653 7ff7a0c46be6-7ff7a0c46c17 call 7ff7a0c46418 644->653 645->644 647->624 652->653 658 7ff7a0c46bd7 652->658 659 7ff7a0c46c19-7ff7a0c46c1b 653->659 660 7ff7a0c46c1d-7ff7a0c46c5f 653->660 661 7ff7a0c46bd9-7ff7a0c46be1 call 7ff7a0c3aac0 658->661 659->661 662 7ff7a0c46c81-7ff7a0c46c8c 660->662 663 7ff7a0c46c61-7ff7a0c46c65 660->663 661->635 666 7ff7a0c46c92-7ff7a0c46c96 662->666 667 7ff7a0c46d30 662->667 663->662 665 7ff7a0c46c67-7ff7a0c46c7c 663->665 665->662 666->667 669 7ff7a0c46c9c-7ff7a0c46ce1 CloseHandle CreateFileW 666->669 667->635 670 7ff7a0c46d16-7ff7a0c46d2b 669->670 671 7ff7a0c46ce3-7ff7a0c46d11 GetLastError call 7ff7a0c34e7c call 7ff7a0c38660 669->671 670->667 671->670
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: File$CreateErrorLast_invalid_parameter_noinfo$CloseHandle$Type
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 1617910340-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: baaa1bd2bfcf3e8d87424e6061cd652f961a4b3dae6ad7eaae94581ee29caa63
                                                                                                                                                                                                                                                                                                            • Instruction ID: 399c1fbaf016836a1ef11d5de561122320bddbc6b3029ca631a8a37340816d76
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: baaa1bd2bfcf3e8d87424e6061cd652f961a4b3dae6ad7eaae94581ee29caa63
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: ABC1F536B25A4285EB10EF64C4942ECB762FB49B98F421635DE1E973E9CF39E451C310
                                                                                                                                                                                                                                                                                                            Function 00007FF8A8E44C70 Relevance: 9.4, APIs: 3, Strings: 3, Instructions: 370COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                                                            control_flow_graph 1269 7ff8a8e44c70-7ff8a8e44d41 memset 1270 7ff8a8e44d59-7ff8a8e44d5d 1269->1270 1271 7ff8a8e44d43-7ff8a8e44d56 1269->1271 1272 7ff8a8e44d5f-7ff8a8e44d78 call 7ff8a8dca500 1270->1272 1273 7ff8a8e44d7d-7ff8a8e44d83 1270->1273 1271->1270 1280 7ff8a8e451ec-7ff8a8e4521a call 7ff8a8e449c0 call 7ff8a8ef2900 1272->1280 1275 7ff8a8e44d96-7ff8a8e44d9e 1273->1275 1276 7ff8a8e44d85-7ff8a8e44d8f 1273->1276 1278 7ff8a8e44e81-7ff8a8e44e89 1275->1278 1279 7ff8a8e44da4-7ff8a8e44daa 1275->1279 1276->1275 1281 7ff8a8e44e8b-7ff8a8e44e8e call 7ff8a8e5e660 1278->1281 1282 7ff8a8e44e93-7ff8a8e44e96 1278->1282 1283 7ff8a8e44e7c 1279->1283 1284 7ff8a8e44db0-7ff8a8e44db7 1279->1284 1281->1282 1287 7ff8a8e44f3b-7ff8a8e44f43 call 7ff8a8e7fc80 1282->1287 1288 7ff8a8e44e9c 1282->1288 1283->1278 1289 7ff8a8e44dc0-7ff8a8e44dcc 1284->1289 1303 7ff8a8e44f48-7ff8a8e44f4b 1287->1303 1291 7ff8a8e44eaa-7ff8a8e44eb1 1288->1291 1292 7ff8a8e44e9e-7ff8a8e44ea4 1288->1292 1293 7ff8a8e44e3e-7ff8a8e44e49 1289->1293 1294 7ff8a8e44dce-7ff8a8e44dd2 1289->1294 1299 7ff8a8e44edb-7ff8a8e44ede 1291->1299 1300 7ff8a8e44eb3-7ff8a8e44ed6 call 7ff8a8dca370 call 7ff8a8dc6d20 1291->1300 1292->1287 1292->1291 1296 7ff8a8e44e4b-7ff8a8e44e4d 1293->1296 1297 7ff8a8e44e77 1293->1297 1301 7ff8a8e44de7-7ff8a8e44def 1294->1301 1302 7ff8a8e44dd4-7ff8a8e44ddb 1294->1302 1296->1289 1297->1283 1305 7ff8a8e44f2e-7ff8a8e44f39 1299->1305 1306 7ff8a8e44ee0-7ff8a8e44ef2 call 7ff8a8dc6880 1299->1306 1300->1280 1301->1293 1304 7ff8a8e44df1-7ff8a8e44df8 1301->1304 1302->1301 1309 7ff8a8e44ddd-7ff8a8e44de5 call 7ff8a8ddfef0 1302->1309 1310 7ff8a8e44f4d-7ff8a8e44f54 1303->1310 1311 7ff8a8e44f57-7ff8a8e44f63 1303->1311 1314 7ff8a8e44dfa-7ff8a8e44dfe 1304->1314 1315 7ff8a8e44e07-7ff8a8e44e0e 1304->1315 1305->1303 1306->1305 1332 7ff8a8e44ef4-7ff8a8e44f2c memcpy call 7ff8a8e7fc80 call 7ff8a8dc6400 1306->1332 1309->1301 1310->1311 1312 7ff8a8e44fc8-7ff8a8e44fcc 1311->1312 1313 7ff8a8e44f65-7ff8a8e44f71 1311->1313 1326 7ff8a8e44fce-7ff8a8e44fdc 1312->1326 1327 7ff8a8e44fe1-7ff8a8e44fe7 1312->1327 1313->1312 1321 7ff8a8e44f73-7ff8a8e44f7d 1313->1321 1314->1315 1322 7ff8a8e44e00-7ff8a8e44e05 1314->1322 1324 7ff8a8e44e2a 1315->1324 1325 7ff8a8e44e10-7ff8a8e44e13 1315->1325 1329 7ff8a8e44f89-7ff8a8e44f8f 1321->1329 1330 7ff8a8e44f7f 1321->1330 1331 7ff8a8e44e2c-7ff8a8e44e30 1322->1331 1324->1331 1333 7ff8a8e44e21-7ff8a8e44e28 1325->1333 1334 7ff8a8e44e15-7ff8a8e44e19 1325->1334 1335 7ff8a8e45118-7ff8a8e4511b 1326->1335 1336 7ff8a8e44fed-7ff8a8e44ff0 1327->1336 1337 7ff8a8e45184-7ff8a8e451a2 1327->1337 1338 7ff8a8e44fba 1329->1338 1339 7ff8a8e44f91-7ff8a8e44fa3 call 7ff8a8dc6880 1329->1339 1330->1329 1342 7ff8a8e44e3a-7ff8a8e44e3c 1331->1342 1343 7ff8a8e44e32-7ff8a8e44e35 call 7ff8a8ddfec0 1331->1343 1332->1303 1333->1324 1333->1325 1334->1333 1341 7ff8a8e44e1b-7ff8a8e44e1f 1334->1341 1344 7ff8a8e4511d-7ff8a8e45120 call 7ff8a8df59e0 1335->1344 1345 7ff8a8e45125-7ff8a8e45131 1335->1345 1336->1337 1346 7ff8a8e44ff6-7ff8a8e44ffb 1336->1346 1347 7ff8a8e451bf-7ff8a8e451c6 1337->1347 1348 7ff8a8e451a4-7ff8a8e451ad 1337->1348 1358 7ff8a8e44fbc-7ff8a8e44fc3 1338->1358 1339->1358 1375 7ff8a8e44fa5-7ff8a8e44fb8 memcpy 1339->1375 1341->1322 1341->1333 1342->1293 1360 7ff8a8e44e52-7ff8a8e44e72 call 7ff8a8dca370 1342->1360 1343->1342 1344->1345 1353 7ff8a8e45158-7ff8a8e45161 1345->1353 1354 7ff8a8e45133-7ff8a8e4514c call 7ff8a8dca370 1345->1354 1346->1335 1350 7ff8a8e45001-7ff8a8e45008 1346->1350 1347->1280 1355 7ff8a8e451c8 1347->1355 1351 7ff8a8e451b9 1348->1351 1352 7ff8a8e451af-7ff8a8e451b7 call 7ff8a8df0600 1348->1352 1350->1335 1361 7ff8a8e4500e-7ff8a8e4501a 1350->1361 1351->1347 1352->1347 1367 7ff8a8e45163-7ff8a8e4516b 1353->1367 1368 7ff8a8e45176-7ff8a8e45182 call 7ff8a8dca250 1353->1368 1354->1347 1380 7ff8a8e4514e-7ff8a8e45156 call 7ff8a8dc6400 1354->1380 1365 7ff8a8e451d0-7ff8a8e451ea call 7ff8a8dc6400 1355->1365 1358->1312 1360->1280 1361->1335 1370 7ff8a8e45020-7ff8a8e4502d 1361->1370 1365->1280 1367->1368 1376 7ff8a8e4516d-7ff8a8e45174 1367->1376 1368->1347 1379 7ff8a8e45030-7ff8a8e45044 1370->1379 1375->1358 1376->1347 1383 7ff8a8e4504a-7ff8a8e4504e 1379->1383 1384 7ff8a8e450fd-7ff8a8e45108 1379->1384 1380->1347 1386 7ff8a8e45088-7ff8a8e45090 1383->1386 1387 7ff8a8e45050-7ff8a8e45062 call 7ff8a8de3790 1383->1387 1384->1379 1389 7ff8a8e4510e-7ff8a8e45113 1384->1389 1391 7ff8a8e450a3-7ff8a8e450b6 1386->1391 1392 7ff8a8e45092-7ff8a8e45099 1386->1392 1401 7ff8a8e4506b-7ff8a8e45073 call 7ff8a8dc6c40 1387->1401 1402 7ff8a8e45064-7ff8a8e45069 1387->1402 1389->1335 1394 7ff8a8e450b8-7ff8a8e450bc 1391->1394 1395 7ff8a8e450c6-7ff8a8e450d2 1391->1395 1392->1391 1393 7ff8a8e4509b-7ff8a8e4509e call 7ff8a8ddfef0 1392->1393 1393->1391 1394->1395 1398 7ff8a8e450be-7ff8a8e450c1 call 7ff8a8ddfec0 1394->1398 1399 7ff8a8e450ee-7ff8a8e450f3 1395->1399 1400 7ff8a8e450d4-7ff8a8e450e9 call 7ff8a8e21280 1395->1400 1398->1395 1399->1384 1406 7ff8a8e450f5-7ff8a8e450f8 call 7ff8a8de4b80 1399->1406 1400->1399 1405 7ff8a8e45077-7ff8a8e4507a 1401->1405 1402->1401 1402->1405 1405->1389 1410 7ff8a8e45080 1405->1410 1406->1384 1410->1386
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3019302556.00007FF8A8DC1000.00000020.00000001.01000000.00000015.sdmp, Offset: 00007FF8A8DC0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019234443.00007FF8A8DC0000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019473856.00007FF8A8EF4000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019556538.00007FF8A8F23000.00000004.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019627658.00007FF8A8F28000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a8dc0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: memcpy$memset
                                                                                                                                                                                                                                                                                                            • String ID: database schema is locked: %s$out of memory$statement too long
                                                                                                                                                                                                                                                                                                            • API String ID: 438689982-1046679716
                                                                                                                                                                                                                                                                                                            • Opcode ID: eff05257c74e90aa0e1940b875ca521abe1a49ca8ed551c39b0cee3d305ec0d8
                                                                                                                                                                                                                                                                                                            • Instruction ID: 27125be47bc794ea0672bf60dc51fa8c0b07eadc35b01dcb5b865da94f8075e1
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: eff05257c74e90aa0e1940b875ca521abe1a49ca8ed551c39b0cee3d305ec0d8
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 18F19132A0E782E6EB25CF2194003BA6BA0FB85BC8F094135DA4E07795DF7DE594C764
                                                                                                                                                                                                                                                                                                            Function 00007FF8A8DE2250 Relevance: 5.1, APIs: 2, Strings: 1, Instructions: 586stringCOMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3019302556.00007FF8A8DC1000.00000020.00000001.01000000.00000015.sdmp, Offset: 00007FF8A8DC0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019234443.00007FF8A8DC0000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019473856.00007FF8A8EF4000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019556538.00007FF8A8F23000.00000004.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019627658.00007FF8A8F28000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a8dc0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: memcpystrcmp
                                                                                                                                                                                                                                                                                                            • String ID: :memory:
                                                                                                                                                                                                                                                                                                            • API String ID: 4075415522-2920599690
                                                                                                                                                                                                                                                                                                            • Opcode ID: f963e081ade6bb53bb43bf6ace0cd5aadf94e065bdc22280a4e52e05e89868a5
                                                                                                                                                                                                                                                                                                            • Instruction ID: b1132bb1e7766466d1e31d77ab27af259043867d041bed3d3d07d8f3e88dc169
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: f963e081ade6bb53bb43bf6ace0cd5aadf94e065bdc22280a4e52e05e89868a5
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: C6429272A0E786A3EB258B25A55037937A0FF55BD4F044139EE5D437A1EF3CE4988328
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C29280 Relevance: 3.0, APIs: 2, Instructions: 29COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: Find$CloseFileFirst
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 2295610775-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: 3849ca1beccae91a12aeced599bc73bdbec409d6dd090ca7d2ec6d5d284a4285
                                                                                                                                                                                                                                                                                                            • Instruction ID: 593c126fec37d44b6ff563d3b60d22d6f3dc84bd281c556cceccd4c9cf9ddd38
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 3849ca1beccae91a12aeced599bc73bdbec409d6dd090ca7d2ec6d5d284a4285
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 6FF0A922A1964386F760AB60B4987A6B350FF84364F450635D9AD01BE4DF3CF0488600
                                                                                                                                                                                                                                                                                                            Function 00007FF8A8DD1230 Relevance: 1.7, APIs: 1, Instructions: 204COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3019302556.00007FF8A8DC1000.00000020.00000001.01000000.00000015.sdmp, Offset: 00007FF8A8DC0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019234443.00007FF8A8DC0000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019473856.00007FF8A8EF4000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019556538.00007FF8A8F23000.00000004.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019627658.00007FF8A8F28000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a8dc0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: InfoSystem
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 31276548-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: 0609f6becf4837133f86ac5623d419228c70d3b405efdb4a8828f98acc38b35e
                                                                                                                                                                                                                                                                                                            • Instruction ID: d018c1ec151ad55c9674b4c6979fe5b2c0827ceda2b8ea6017ff09b69b4b4d52
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 0609f6becf4837133f86ac5623d419228c70d3b405efdb4a8828f98acc38b35e
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7AA10C71A0BB07A5FF548B65B854278A2A0FF44BC0F540639C99D477A0EF7CE4988738
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C21950 Relevance: 22.9, APIs: 2, Strings: 11, Instructions: 184COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                                                            control_flow_graph 269 7ff7a0c21950-7ff7a0c2198b call 7ff7a0c245c0 272 7ff7a0c21c4e-7ff7a0c21c72 call 7ff7a0c2c550 269->272 273 7ff7a0c21991-7ff7a0c219d1 call 7ff7a0c27f90 269->273 278 7ff7a0c219d7-7ff7a0c219e7 call 7ff7a0c306d4 273->278 279 7ff7a0c21c3b-7ff7a0c21c3e call 7ff7a0c3004c 273->279 284 7ff7a0c21a08-7ff7a0c21a24 call 7ff7a0c3039c 278->284 285 7ff7a0c219e9-7ff7a0c21a03 call 7ff7a0c34f08 call 7ff7a0c22910 278->285 282 7ff7a0c21c43-7ff7a0c21c4b 279->282 282->272 291 7ff7a0c21a26-7ff7a0c21a40 call 7ff7a0c34f08 call 7ff7a0c22910 284->291 292 7ff7a0c21a45-7ff7a0c21a5a call 7ff7a0c34f28 284->292 285->279 291->279 299 7ff7a0c21a5c-7ff7a0c21a76 call 7ff7a0c34f08 call 7ff7a0c22910 292->299 300 7ff7a0c21a7b-7ff7a0c21afc call 7ff7a0c21c80 * 2 call 7ff7a0c306d4 292->300 299->279 311 7ff7a0c21b01-7ff7a0c21b14 call 7ff7a0c34f44 300->311 314 7ff7a0c21b16-7ff7a0c21b30 call 7ff7a0c34f08 call 7ff7a0c22910 311->314 315 7ff7a0c21b35-7ff7a0c21b4e call 7ff7a0c3039c 311->315 314->279 321 7ff7a0c21b50-7ff7a0c21b6a call 7ff7a0c34f08 call 7ff7a0c22910 315->321 322 7ff7a0c21b6f-7ff7a0c21b8b call 7ff7a0c30110 315->322 321->279 329 7ff7a0c21b9e-7ff7a0c21bac 322->329 330 7ff7a0c21b8d-7ff7a0c21b99 call 7ff7a0c22710 322->330 329->279 331 7ff7a0c21bb2-7ff7a0c21bb9 329->331 330->279 334 7ff7a0c21bc1-7ff7a0c21bc7 331->334 336 7ff7a0c21bc9-7ff7a0c21bd6 334->336 337 7ff7a0c21be0-7ff7a0c21bef 334->337 338 7ff7a0c21bf1-7ff7a0c21bfa 336->338 337->337 337->338 339 7ff7a0c21bfc-7ff7a0c21bff 338->339 340 7ff7a0c21c0f 338->340 339->340 341 7ff7a0c21c01-7ff7a0c21c04 339->341 342 7ff7a0c21c11-7ff7a0c21c24 340->342 341->340 343 7ff7a0c21c06-7ff7a0c21c09 341->343 344 7ff7a0c21c2d-7ff7a0c21c39 342->344 345 7ff7a0c21c26 342->345 343->340 346 7ff7a0c21c0b-7ff7a0c21c0d 343->346 344->279 344->334 345->344 346->342
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                              • Part of subcall function 00007FF7A0C27F90: _fread_nolock.LIBCMT ref: 00007FF7A0C2803A
                                                                                                                                                                                                                                                                                                            • _fread_nolock.LIBCMT ref: 00007FF7A0C21A1B
                                                                                                                                                                                                                                                                                                              • Part of subcall function 00007FF7A0C22910: GetCurrentProcessId.KERNEL32(?,?,?,?,00000000,00000000,?,00000000,00007FF7A0C21B6A), ref: 00007FF7A0C2295E
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: _fread_nolock$CurrentProcess
                                                                                                                                                                                                                                                                                                            • String ID: Could not allocate buffer for TOC!$Could not allocate memory for archive structure!$Could not read full TOC!$Error on file.$Failed to read cookie!$Failed to seek to cookie position!$MEI$calloc$fread$fseek$malloc
                                                                                                                                                                                                                                                                                                            • API String ID: 2397952137-3497178890
                                                                                                                                                                                                                                                                                                            • Opcode ID: 27547418d9ab5e62463e202343d91a8db4d430f9fb0a7f3bbb020ab973e08554
                                                                                                                                                                                                                                                                                                            • Instruction ID: 112cbe7192cf7777d2a11398a42c836753bb25827aa65c99defb6eb02ead2aa7
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 27547418d9ab5e62463e202343d91a8db4d430f9fb0a7f3bbb020ab973e08554
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 5681A171A0A68386EB24FB24D0542F9A3A1BF58784FC64831ED8D47BA6DE3CF5458760
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C21470 Relevance: 14.1, APIs: 1, Strings: 7, Instructions: 107COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: CurrentProcess
                                                                                                                                                                                                                                                                                                            • String ID: Failed to extract %s: failed to allocate data buffer (%u bytes)!$Failed to extract %s: failed to open archive file!$Failed to extract %s: failed to read data chunk!$Failed to extract %s: failed to seek to the entry's data!$fread$fseek$malloc
                                                                                                                                                                                                                                                                                                            • API String ID: 2050909247-3659356012
                                                                                                                                                                                                                                                                                                            • Opcode ID: 0415811bb7329ddca4e4a244178c4befdf0ff72a6341d4c7f046017dd740e2c3
                                                                                                                                                                                                                                                                                                            • Instruction ID: 2d57bf9cdbda707dd9341bcc5f755a0c8de4d9374b762345064f41d628d21d25
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 0415811bb7329ddca4e4a244178c4befdf0ff72a6341d4c7f046017dd740e2c3
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 06418F22A1A64396EA10FB3194001F9E391BF98794FC64C32ED4D07BBADE3CF5428720
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C21210 Relevance: 12.4, APIs: 1, Strings: 6, Instructions: 158COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                                                            control_flow_graph 676 7ff7a0c21210-7ff7a0c2126d call 7ff7a0c2bd80 679 7ff7a0c21297-7ff7a0c212af call 7ff7a0c34f44 676->679 680 7ff7a0c2126f-7ff7a0c21296 call 7ff7a0c22710 676->680 685 7ff7a0c212b1-7ff7a0c212cf call 7ff7a0c34f08 call 7ff7a0c22910 679->685 686 7ff7a0c212d4-7ff7a0c212e4 call 7ff7a0c34f44 679->686 699 7ff7a0c21439-7ff7a0c2146d call 7ff7a0c2ba60 call 7ff7a0c34f30 * 2 685->699 691 7ff7a0c21309-7ff7a0c2131b 686->691 692 7ff7a0c212e6-7ff7a0c21304 call 7ff7a0c34f08 call 7ff7a0c22910 686->692 695 7ff7a0c21320-7ff7a0c21345 call 7ff7a0c3039c 691->695 692->699 705 7ff7a0c2134b-7ff7a0c21355 call 7ff7a0c30110 695->705 706 7ff7a0c21431 695->706 705->706 712 7ff7a0c2135b-7ff7a0c21367 705->712 706->699 714 7ff7a0c21370-7ff7a0c21398 call 7ff7a0c2a1c0 712->714 717 7ff7a0c2139a-7ff7a0c2139d 714->717 718 7ff7a0c21416-7ff7a0c2142c call 7ff7a0c22710 714->718 719 7ff7a0c2139f-7ff7a0c213a9 717->719 720 7ff7a0c21411 717->720 718->706 722 7ff7a0c213ab-7ff7a0c213b9 call 7ff7a0c30adc 719->722 723 7ff7a0c213d4-7ff7a0c213d7 719->723 720->718 727 7ff7a0c213be-7ff7a0c213c1 722->727 725 7ff7a0c213ea-7ff7a0c213ef 723->725 726 7ff7a0c213d9-7ff7a0c213e7 call 7ff7a0c49e30 723->726 725->714 729 7ff7a0c213f5-7ff7a0c213f8 725->729 726->725 730 7ff7a0c213cf-7ff7a0c213d2 727->730 731 7ff7a0c213c3-7ff7a0c213cd call 7ff7a0c30110 727->731 733 7ff7a0c213fa-7ff7a0c213fd 729->733 734 7ff7a0c2140c-7ff7a0c2140f 729->734 730->718 731->725 731->730 733->718 735 7ff7a0c213ff-7ff7a0c21407 733->735 734->706 735->695
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: CurrentProcess
                                                                                                                                                                                                                                                                                                            • String ID: 1.3.1$Failed to extract %s: decompression resulted in return code %d!$Failed to extract %s: failed to allocate temporary input buffer!$Failed to extract %s: failed to allocate temporary output buffer!$Failed to extract %s: inflateInit() failed with return code %d!$malloc
                                                                                                                                                                                                                                                                                                            • API String ID: 2050909247-2813020118
                                                                                                                                                                                                                                                                                                            • Opcode ID: 698b21169e7bd12c857e57f237555d9e116291535cd7e4395843bf29195d2337
                                                                                                                                                                                                                                                                                                            • Instruction ID: 6ae7ca427d19e76a1ed9648e7c6f72c8b56b19811e210174317a52af84220a62
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 698b21169e7bd12c857e57f237555d9e116291535cd7e4395843bf29195d2337
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: B251D422A0A64385E624BB25A4103FAE291FF98794FD64931ED4D47BF6EE3CF501C720
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C3ED10 Relevance: 12.4, APIs: 5, Strings: 2, Instructions: 117libraryloaderCOMMONLIBRARYCODE
                                                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            • FreeLibrary.KERNEL32(?,?,?,00007FF7A0C3F0AA,?,?,-00000018,00007FF7A0C3AD53,?,?,?,00007FF7A0C3AC4A,?,?,?,00007FF7A0C35F3E), ref: 00007FF7A0C3EE8C
                                                                                                                                                                                                                                                                                                            • GetProcAddress.KERNEL32(?,?,?,00007FF7A0C3F0AA,?,?,-00000018,00007FF7A0C3AD53,?,?,?,00007FF7A0C3AC4A,?,?,?,00007FF7A0C35F3E), ref: 00007FF7A0C3EE98
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: AddressFreeLibraryProc
                                                                                                                                                                                                                                                                                                            • String ID: api-ms-$ext-ms-
                                                                                                                                                                                                                                                                                                            • API String ID: 3013587201-537541572
                                                                                                                                                                                                                                                                                                            • Opcode ID: 113d78e4ddfca44ef7199ea688f338981f8b4522c7c5ddaba00381c3941a83e2
                                                                                                                                                                                                                                                                                                            • Instruction ID: 0da2e380f4e1d627fcce44e64c80b859d4855d51bae561c2dfa3a4afcb882232
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 113d78e4ddfca44ef7199ea688f338981f8b4522c7c5ddaba00381c3941a83e2
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: AF41E361B2AA0341FB19AB1698146F6E291BF48B90FCA4935DD1D477E4EF3CF4058321
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C236B0 Relevance: 12.3, APIs: 2, Strings: 5, Instructions: 61COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            • GetModuleFileNameW.KERNEL32(?,00007FF7A0C23804), ref: 00007FF7A0C236E1
                                                                                                                                                                                                                                                                                                            • GetLastError.KERNEL32(?,00007FF7A0C23804), ref: 00007FF7A0C236EB
                                                                                                                                                                                                                                                                                                              • Part of subcall function 00007FF7A0C22C50: GetCurrentProcessId.KERNEL32(?,?,?,?,?,?,?,?,00007FF7A0C23706,?,00007FF7A0C23804), ref: 00007FF7A0C22C9E
                                                                                                                                                                                                                                                                                                              • Part of subcall function 00007FF7A0C22C50: FormatMessageW.KERNEL32(?,?,?,?,?,?,?,?,00007FF7A0C23706,?,00007FF7A0C23804), ref: 00007FF7A0C22D63
                                                                                                                                                                                                                                                                                                              • Part of subcall function 00007FF7A0C22C50: MessageBoxW.USER32 ref: 00007FF7A0C22D99
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: Message$CurrentErrorFileFormatLastModuleNameProcess
                                                                                                                                                                                                                                                                                                            • String ID: Failed to convert executable path to UTF-8.$Failed to obtain executable path.$Failed to resolve full path to executable %ls.$GetModuleFileNameW$\\?\
                                                                                                                                                                                                                                                                                                            • API String ID: 3187769757-2863816727
                                                                                                                                                                                                                                                                                                            • Opcode ID: 7a7bb6314ef99d1ea6b5a99dff4d55fbb7227be169d5ba9e119ffda366a0a745
                                                                                                                                                                                                                                                                                                            • Instruction ID: aa2cf8fe19592cb25e1afe3b90f0c41c459dbb01ef57a7d79ec5e2e54f7a4aca
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 7a7bb6314ef99d1ea6b5a99dff4d55fbb7227be169d5ba9e119ffda366a0a745
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 18215EA1B1A64351FA60BB34E8543F6A251BF88794FC24932D65D82BF5EE3CF504C360
                                                                                                                                                                                                                                                                                                            Function 00007FF8A8E443D0 Relevance: 10.8, APIs: 1, Strings: 6, Instructions: 334COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                                                            control_flow_graph 1004 7ff8a8e443d0-7ff8a8e44494 call 7ff8a8e440d0 1007 7ff8a8e4449a-7ff8a8e444b8 1004->1007 1008 7ff8a8e44846-7ff8a8e44849 1004->1008 1009 7ff8a8e444ba-7ff8a8e444cd 1007->1009 1010 7ff8a8e444d2-7ff8a8e444d6 1007->1010 1011 7ff8a8e4484b-7ff8a8e44851 1008->1011 1012 7ff8a8e44853-7ff8a8e44856 call 7ff8a8dc6c40 1008->1012 1013 7ff8a8e4486f-7ff8a8e4488e call 7ff8a8ef2900 1009->1013 1014 7ff8a8e444d8-7ff8a8e444df 1010->1014 1015 7ff8a8e444e6-7ff8a8e444f2 1010->1015 1011->1012 1016 7ff8a8e4485b-7ff8a8e44861 call 7ff8a8e21280 1011->1016 1012->1016 1014->1015 1018 7ff8a8e444e1 call 7ff8a8ddfef0 1014->1018 1019 7ff8a8e444fe-7ff8a8e44502 1015->1019 1020 7ff8a8e444f4-7ff8a8e444f8 1015->1020 1027 7ff8a8e44866-7ff8a8e44868 1016->1027 1018->1015 1025 7ff8a8e4450a-7ff8a8e4450f call 7ff8a8de3790 1019->1025 1026 7ff8a8e44504-7ff8a8e44508 1019->1026 1020->1019 1024 7ff8a8e4457b-7ff8a8e44586 1020->1024 1031 7ff8a8e44590-7ff8a8e445a7 call 7ff8a8ded660 1024->1031 1032 7ff8a8e44514-7ff8a8e44518 1025->1032 1026->1025 1029 7ff8a8e44578 1026->1029 1027->1013 1029->1024 1037 7ff8a8e445a9-7ff8a8e445b1 1031->1037 1032->1029 1034 7ff8a8e4451a-7ff8a8e44527 call 7ff8a8e82850 1032->1034 1042 7ff8a8e44529 1034->1042 1043 7ff8a8e4455e-7ff8a8e44565 1034->1043 1039 7ff8a8e445be 1037->1039 1040 7ff8a8e445b3-7ff8a8e445bc 1037->1040 1041 7ff8a8e445c1-7ff8a8e445cf 1039->1041 1040->1041 1045 7ff8a8e44685 1041->1045 1046 7ff8a8e445d5-7ff8a8e445d8 1041->1046 1044 7ff8a8e44530-7ff8a8e44539 1042->1044 1047 7ff8a8e4456f-7ff8a8e44573 1043->1047 1048 7ff8a8e44567-7ff8a8e4456a call 7ff8a8dc6400 1043->1048 1044->1044 1049 7ff8a8e4453b-7ff8a8e4454d call 7ff8a8dc6880 1044->1049 1052 7ff8a8e4468a-7ff8a8e4469d 1045->1052 1050 7ff8a8e445da-7ff8a8e445df 1046->1050 1051 7ff8a8e44615-7ff8a8e4461b 1046->1051 1054 7ff8a8e44829-7ff8a8e44831 1047->1054 1048->1047 1049->1043 1074 7ff8a8e4454f-7ff8a8e44559 memcpy 1049->1074 1050->1051 1058 7ff8a8e445e1-7ff8a8e445f6 1050->1058 1051->1045 1061 7ff8a8e4461d-7ff8a8e44630 call 7ff8a8dc6880 1051->1061 1059 7ff8a8e4469f-7ff8a8e446a4 1052->1059 1060 7ff8a8e446d3-7ff8a8e446e6 1052->1060 1055 7ff8a8e4483e-7ff8a8e44844 1054->1055 1056 7ff8a8e44833-7ff8a8e44837 1054->1056 1055->1008 1055->1027 1056->1055 1062 7ff8a8e44839 call 7ff8a8ddfec0 1056->1062 1064 7ff8a8e4460b-7ff8a8e44613 call 7ff8a8e2a830 1058->1064 1065 7ff8a8e445f8-7ff8a8e445fb 1058->1065 1066 7ff8a8e446b6-7ff8a8e446bd 1059->1066 1067 7ff8a8e446a6-7ff8a8e446ab 1059->1067 1069 7ff8a8e446e8 1060->1069 1070 7ff8a8e446ec-7ff8a8e446f4 1060->1070 1087 7ff8a8e44632-7ff8a8e44663 1061->1087 1088 7ff8a8e44666-7ff8a8e4466d 1061->1088 1062->1055 1064->1052 1065->1064 1075 7ff8a8e445fd-7ff8a8e445ff 1065->1075 1079 7ff8a8e446c0-7ff8a8e446ce call 7ff8a8de2e50 1066->1079 1076 7ff8a8e446ad-7ff8a8e446b2 1067->1076 1077 7ff8a8e446b4 1067->1077 1069->1070 1071 7ff8a8e4473c-7ff8a8e4473e 1070->1071 1072 7ff8a8e446f6-7ff8a8e44709 call 7ff8a8dc6880 1070->1072 1083 7ff8a8e4474b-7ff8a8e447b9 call 7ff8a8dc9170 call 7ff8a8e3cf30 1071->1083 1084 7ff8a8e44740-7ff8a8e44744 1071->1084 1096 7ff8a8e4470b-7ff8a8e4471d 1072->1096 1097 7ff8a8e44722-7ff8a8e44729 1072->1097 1074->1043 1075->1064 1082 7ff8a8e44601-7ff8a8e44606 1075->1082 1076->1079 1077->1066 1079->1060 1092 7ff8a8e4481a-7ff8a8e4481e 1082->1092 1106 7ff8a8e447bb-7ff8a8e447c1 call 7ff8a8dc6400 1083->1106 1107 7ff8a8e447c6-7ff8a8e447c8 1083->1107 1084->1083 1093 7ff8a8e44746 1084->1093 1087->1088 1089 7ff8a8e4466f-7ff8a8e44672 call 7ff8a8dc6400 1088->1089 1090 7ff8a8e44677-7ff8a8e44680 1088->1090 1089->1090 1090->1092 1092->1054 1099 7ff8a8e44820-7ff8a8e44824 call 7ff8a8de4b80 1092->1099 1093->1083 1096->1097 1100 7ff8a8e4472b-7ff8a8e4472e call 7ff8a8dc6400 1097->1100 1101 7ff8a8e44733-7ff8a8e44737 1097->1101 1099->1054 1100->1101 1101->1092 1106->1107 1109 7ff8a8e447ca-7ff8a8e447d0 call 7ff8a8e1e490 1107->1109 1110 7ff8a8e447d5-7ff8a8e447d9 1107->1110 1109->1110 1112 7ff8a8e447db-7ff8a8e447f0 call 7ff8a8e21310 1110->1112 1113 7ff8a8e447f2-7ff8a8e447f4 1110->1113 1112->1092 1115 7ff8a8e447f6-7ff8a8e447fe 1113->1115 1116 7ff8a8e44805-7ff8a8e44815 1113->1116 1115->1092 1118 7ff8a8e44800-7ff8a8e44803 1115->1118 1116->1092 1118->1092 1118->1116
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3019302556.00007FF8A8DC1000.00000020.00000001.01000000.00000015.sdmp, Offset: 00007FF8A8DC0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019234443.00007FF8A8DC0000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019473856.00007FF8A8EF4000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019556538.00007FF8A8F23000.00000004.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019627658.00007FF8A8F28000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a8dc0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: memcpy
                                                                                                                                                                                                                                                                                                            • String ID: CREATE TABLE x(type text,name text,tbl_name text,rootpage int,sql text)$SELECT*FROM"%w".%s ORDER BY rowid$ase$sqlite_master$sqlite_temp_master$table
                                                                                                                                                                                                                                                                                                            • API String ID: 3510742995-879093740
                                                                                                                                                                                                                                                                                                            • Opcode ID: 677de11a5ccda25a2993d7e35fefdd8bbeb864cc7c0ecf9f07703b6fd1258cdb
                                                                                                                                                                                                                                                                                                            • Instruction ID: 9aa6a378e60592e7fbf6534743c1296b7e82540e1e83234ef372dbbf50489a40
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 677de11a5ccda25a2993d7e35fefdd8bbeb864cc7c0ecf9f07703b6fd1258cdb
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: DAE1AA72F0AA92E6FB10CB2590402B827E5FB45BC8F054235DE1E17795DF39E862C368
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C3BA5C Relevance: 10.8, APIs: 7, Instructions: 290COMMONLIBRARYCODE
                                                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                                                            control_flow_graph 1119 7ff7a0c3ba5c-7ff7a0c3ba82 1120 7ff7a0c3ba9d-7ff7a0c3baa1 1119->1120 1121 7ff7a0c3ba84-7ff7a0c3ba98 call 7ff7a0c34ee8 call 7ff7a0c34f08 1119->1121 1123 7ff7a0c3be77-7ff7a0c3be83 call 7ff7a0c34ee8 call 7ff7a0c34f08 1120->1123 1124 7ff7a0c3baa7-7ff7a0c3baae 1120->1124 1135 7ff7a0c3be8e 1121->1135 1143 7ff7a0c3be89 call 7ff7a0c3a8e0 1123->1143 1124->1123 1126 7ff7a0c3bab4-7ff7a0c3bae2 1124->1126 1126->1123 1129 7ff7a0c3bae8-7ff7a0c3baef 1126->1129 1132 7ff7a0c3bb08-7ff7a0c3bb0b 1129->1132 1133 7ff7a0c3baf1-7ff7a0c3bb03 call 7ff7a0c34ee8 call 7ff7a0c34f08 1129->1133 1138 7ff7a0c3bb11-7ff7a0c3bb17 1132->1138 1139 7ff7a0c3be73-7ff7a0c3be75 1132->1139 1133->1143 1141 7ff7a0c3be91-7ff7a0c3bea8 1135->1141 1138->1139 1140 7ff7a0c3bb1d-7ff7a0c3bb20 1138->1140 1139->1141 1140->1133 1144 7ff7a0c3bb22-7ff7a0c3bb47 1140->1144 1143->1135 1147 7ff7a0c3bb7a-7ff7a0c3bb81 1144->1147 1148 7ff7a0c3bb49-7ff7a0c3bb4b 1144->1148 1152 7ff7a0c3bb56-7ff7a0c3bb6d call 7ff7a0c34ee8 call 7ff7a0c34f08 call 7ff7a0c3a8e0 1147->1152 1153 7ff7a0c3bb83-7ff7a0c3bbab call 7ff7a0c3d5fc call 7ff7a0c3a948 * 2 1147->1153 1150 7ff7a0c3bb4d-7ff7a0c3bb54 1148->1150 1151 7ff7a0c3bb72-7ff7a0c3bb78 1148->1151 1150->1151 1150->1152 1155 7ff7a0c3bbf8-7ff7a0c3bc0f 1151->1155 1184 7ff7a0c3bd00 1152->1184 1180 7ff7a0c3bbc8-7ff7a0c3bbf3 call 7ff7a0c3c284 1153->1180 1181 7ff7a0c3bbad-7ff7a0c3bbc3 call 7ff7a0c34f08 call 7ff7a0c34ee8 1153->1181 1158 7ff7a0c3bc8a-7ff7a0c3bc94 call 7ff7a0c4391c 1155->1158 1159 7ff7a0c3bc11-7ff7a0c3bc19 1155->1159 1172 7ff7a0c3bc9a-7ff7a0c3bcaf 1158->1172 1173 7ff7a0c3bd1e 1158->1173 1159->1158 1164 7ff7a0c3bc1b-7ff7a0c3bc1d 1159->1164 1164->1158 1168 7ff7a0c3bc1f-7ff7a0c3bc35 1164->1168 1168->1158 1169 7ff7a0c3bc37-7ff7a0c3bc43 1168->1169 1169->1158 1174 7ff7a0c3bc45-7ff7a0c3bc47 1169->1174 1172->1173 1178 7ff7a0c3bcb1-7ff7a0c3bcc3 GetConsoleMode 1172->1178 1176 7ff7a0c3bd23-7ff7a0c3bd43 ReadFile 1173->1176 1174->1158 1179 7ff7a0c3bc49-7ff7a0c3bc61 1174->1179 1182 7ff7a0c3bd49-7ff7a0c3bd51 1176->1182 1183 7ff7a0c3be3d-7ff7a0c3be46 GetLastError 1176->1183 1178->1173 1185 7ff7a0c3bcc5-7ff7a0c3bccd 1178->1185 1179->1158 1187 7ff7a0c3bc63-7ff7a0c3bc6f 1179->1187 1180->1155 1181->1184 1182->1183 1189 7ff7a0c3bd57 1182->1189 1192 7ff7a0c3be48-7ff7a0c3be5e call 7ff7a0c34f08 call 7ff7a0c34ee8 1183->1192 1193 7ff7a0c3be63-7ff7a0c3be66 1183->1193 1186 7ff7a0c3bd03-7ff7a0c3bd0d call 7ff7a0c3a948 1184->1186 1185->1176 1191 7ff7a0c3bccf-7ff7a0c3bcf1 ReadConsoleW 1185->1191 1186->1141 1187->1158 1196 7ff7a0c3bc71-7ff7a0c3bc73 1187->1196 1200 7ff7a0c3bd5e-7ff7a0c3bd73 1189->1200 1202 7ff7a0c3bd12-7ff7a0c3bd1c 1191->1202 1203 7ff7a0c3bcf3 GetLastError 1191->1203 1192->1184 1197 7ff7a0c3bcf9-7ff7a0c3bcfb call 7ff7a0c34e7c 1193->1197 1198 7ff7a0c3be6c-7ff7a0c3be6e 1193->1198 1196->1158 1206 7ff7a0c3bc75-7ff7a0c3bc85 1196->1206 1197->1184 1198->1186 1200->1186 1208 7ff7a0c3bd75-7ff7a0c3bd80 1200->1208 1202->1200 1203->1197 1206->1158 1212 7ff7a0c3bda7-7ff7a0c3bdaf 1208->1212 1213 7ff7a0c3bd82-7ff7a0c3bd9b call 7ff7a0c3b674 1208->1213 1216 7ff7a0c3be2b-7ff7a0c3be38 call 7ff7a0c3b4b4 1212->1216 1217 7ff7a0c3bdb1-7ff7a0c3bdc3 1212->1217 1221 7ff7a0c3bda0-7ff7a0c3bda2 1213->1221 1216->1221 1218 7ff7a0c3be1e-7ff7a0c3be26 1217->1218 1219 7ff7a0c3bdc5 1217->1219 1218->1186 1222 7ff7a0c3bdca-7ff7a0c3bdd1 1219->1222 1221->1186 1224 7ff7a0c3be0d-7ff7a0c3be18 1222->1224 1225 7ff7a0c3bdd3-7ff7a0c3bdd7 1222->1225 1224->1218 1226 7ff7a0c3bdd9-7ff7a0c3bde0 1225->1226 1227 7ff7a0c3bdf3 1225->1227 1226->1227 1228 7ff7a0c3bde2-7ff7a0c3bde6 1226->1228 1229 7ff7a0c3bdf9-7ff7a0c3be09 1227->1229 1228->1227 1230 7ff7a0c3bde8-7ff7a0c3bdf1 1228->1230 1229->1222 1231 7ff7a0c3be0b 1229->1231 1230->1229 1231->1218
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 3215553584-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: c3f57b6cd1f658b3a1cfdd45bc75f21d2f6c8be166295f0eb40444005b392bd6
                                                                                                                                                                                                                                                                                                            • Instruction ID: 6c5792736694fe5e6a56532b79bee15f23317da4f2bcc4cf0d444d4ab092c982
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: c3f57b6cd1f658b3a1cfdd45bc75f21d2f6c8be166295f0eb40444005b392bd6
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 05C1C22292A68782E668AB1594402FDFB50FF81B80FD74931EB4D037B6CE7DF4458762
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C26360 Relevance: 10.6, APIs: 1, Strings: 6, Instructions: 82COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: CurrentProcess
                                                                                                                                                                                                                                                                                                            • String ID: Failed to load Python DLL '%ls'.$LoadLibrary$Path of Python shared library (%s) and its name (%s) exceed buffer size (%d)$Path of ucrtbase.dll (%s) and its name exceed buffer size (%d)$Reported length (%d) of Python shared library name (%s) exceeds buffer size (%d)$ucrtbase.dll
                                                                                                                                                                                                                                                                                                            • API String ID: 2050909247-2434346643
                                                                                                                                                                                                                                                                                                            • Opcode ID: 111e0a7e53993944da2df5d9c96cd3a7cea32e86f931b773c4ccd6a62d35c348
                                                                                                                                                                                                                                                                                                            • Instruction ID: 0b179e741f40fdb6b1331299cfac110cf83287f53de19e07a44014284d82963c
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 111e0a7e53993944da2df5d9c96cd3a7cea32e86f931b773c4ccd6a62d35c348
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 6F416221A1AA8791EA15FB34E4552E9A311FF58784FC10932DA9C43BB5EF3CF505C760
                                                                                                                                                                                                                                                                                                            Function 00007FF8A8DCFFD0 Relevance: 9.2, APIs: 1, Strings: 4, Instructions: 409fileCOMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3019302556.00007FF8A8DC1000.00000020.00000001.01000000.00000015.sdmp, Offset: 00007FF8A8DC0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019234443.00007FF8A8DC0000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019473856.00007FF8A8EF4000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019556538.00007FF8A8F23000.00000004.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019627658.00007FF8A8F28000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a8dc0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: memset$CreateFile
                                                                                                                                                                                                                                                                                                            • String ID: delayed %dms for lock/sharing conflict at line %d$exclusive$psow$winOpen
                                                                                                                                                                                                                                                                                                            • API String ID: 333288564-3829269058
                                                                                                                                                                                                                                                                                                            • Opcode ID: 91a16a29fa85a4b7500c484f2e0290924f29dc3ca7676500eb30cdcc977ab085
                                                                                                                                                                                                                                                                                                            • Instruction ID: f846032c56a3289c79e0f4e24dcae746d946a55fe217468e6dbcfe3d1020c06d
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 91a16a29fa85a4b7500c484f2e0290924f29dc3ca7676500eb30cdcc977ab085
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: AD028E71E0F643A6FB648B21B85467967A0FF84BD4F044235DE5E436A4DF3CE8498B28
                                                                                                                                                                                                                                                                                                            Function 00007FF8A8DDA0D0 Relevance: 6.2, APIs: 1, Strings: 3, Instructions: 174COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3019302556.00007FF8A8DC1000.00000020.00000001.01000000.00000015.sdmp, Offset: 00007FF8A8DC0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019234443.00007FF8A8DC0000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019473856.00007FF8A8EF4000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019556538.00007FF8A8F23000.00000004.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019627658.00007FF8A8F28000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a8dc0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                            • String ID: %s at line %d of [%.10s]$8653b758870e6ef0c98d46b3ace27849054af85da891eb121e9aaa537f1e8355$database corruption
                                                                                                                                                                                                                                                                                                            • API String ID: 0-3727861699
                                                                                                                                                                                                                                                                                                            • Opcode ID: 284fb38653da876aa8efdd9a6ba98a4ebc5b2a4409a3f47e7cdb6a524325cf1d
                                                                                                                                                                                                                                                                                                            • Instruction ID: f43b126babd1e00ea560c4ce059ca993f26f027430924d6b72364716ecf8fb30
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 284fb38653da876aa8efdd9a6ba98a4ebc5b2a4409a3f47e7cdb6a524325cf1d
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 8671A362A0B642E1FB648B26D44077D77A1EF44BC4F149035CE6E4B7A5DF3CE8898728
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C35628 Relevance: 6.1, APIs: 4, Instructions: 90fileCOMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: CloseCreateFileHandle_invalid_parameter_noinfo
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 1279662727-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: b1746a8a916bbf96797ffba89da9809a683c49b2a7b1d8f7dd6efe5c63c8eb6a
                                                                                                                                                                                                                                                                                                            • Instruction ID: 66b27c30d47d28a83234a38fc80ae840b765136b190c56541cf56d4da82830bc
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: b1746a8a916bbf96797ffba89da9809a683c49b2a7b1d8f7dd6efe5c63c8eb6a
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 2D419222D2978283E718AB2095143E9E260FF957A4F919B35E65C03BE2DF6CB1E08711
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C2CC3C Relevance: 4.6, APIs: 3, Instructions: 94COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: __scrt_acquire_startup_lock__scrt_dllmain_crt_thread_attach__scrt_get_show_window_mode__scrt_release_startup_lock
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 3251591375-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: b3dd18574e8b698ea28c35ed35ed65a6730a16d6ac14c38d0a8ba428da0d66bc
                                                                                                                                                                                                                                                                                                            • Instruction ID: aa999e53d880e93a3c023f4dc1e81b0133717da8148de760a1211bb54f17eab6
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: b3dd18574e8b698ea28c35ed35ed65a6730a16d6ac14c38d0a8ba428da0d66bc
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 34314921E0B60742FA24BB7494923F9D691AF59384FC65C35E94E47BF3DE2DB8048272
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C39A30 Relevance: 4.5, APIs: 3, Instructions: 14COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: Process$CurrentExitTerminate
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 1703294689-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: 148d460979eed4a43ebbf671c65dc2dc638c0d89c9c01e8e00358d5495882c84
                                                                                                                                                                                                                                                                                                            • Instruction ID: c92fae87656c1d026d7564aa8718122e083bac780b7b0a9fd2cc86d26272310d
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 148d460979eed4a43ebbf671c65dc2dc638c0d89c9c01e8e00358d5495882c84
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: C2D09E10B1A70743EB183B715C590FCD256BF48741F961D38C84B063B3DD2DB8495321
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C3013C Relevance: 3.2, APIs: 2, Instructions: 177COMMONLIBRARYCODE
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 3215553584-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: e80cfa20b6c7ebf2f27a6dba6ddb06cb01cda21135ba71ef9e2cf3b7629ca058
                                                                                                                                                                                                                                                                                                            • Instruction ID: 55907b06ebd31178f05b092198911b900accb1e022ca5da54ad37569a6fa50de
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e80cfa20b6c7ebf2f27a6dba6ddb06cb01cda21135ba71ef9e2cf3b7629ca058
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: EA51DC2272B64396E66CA92554146FEE181BF44BA4FA64A34DD6D037F5CE3CF4008622
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C3C134 Relevance: 3.0, APIs: 2, Instructions: 46COMMONLIBRARYCODE
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: ErrorFileLastPointer
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 2976181284-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: 7d52f85de62641260209e8dbb28c5e1251e01e8bf24b4306ce9dcd9badf2c9c6
                                                                                                                                                                                                                                                                                                            • Instruction ID: fb23e7b255ec80abe665e1d7bc78f5318534180fa1478c095972e884e5e07219
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 7d52f85de62641260209e8dbb28c5e1251e01e8bf24b4306ce9dcd9badf2c9c6
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: E811E262618A8281DA24AB25A8440ADF361BF41FF0F954731EE7D077FACE7CE0109701
                                                                                                                                                                                                                                                                                                            Function 00007FF8A8DC5B35 Relevance: 3.0, APIs: 1, Strings: 1, Instructions: 17COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3019302556.00007FF8A8DC1000.00000020.00000001.01000000.00000015.sdmp, Offset: 00007FF8A8DC0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019234443.00007FF8A8DC0000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019473856.00007FF8A8EF4000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019556538.00007FF8A8F23000.00000004.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019627658.00007FF8A8F28000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a8dc0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: malloc
                                                                                                                                                                                                                                                                                                            • String ID: failed to allocate %u bytes of memory
                                                                                                                                                                                                                                                                                                            • API String ID: 2803490479-1168259600
                                                                                                                                                                                                                                                                                                            • Opcode ID: be3047ffbf8d3a3382a60741f12f29956a7e97552a5b0cf3e5d2d3eb3c06d507
                                                                                                                                                                                                                                                                                                            • Instruction ID: 45c4d05aef1492024f7c8c67212431e9f69096404a00bf7363760819d5fcdb78
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: be3047ffbf8d3a3382a60741f12f29956a7e97552a5b0cf3e5d2d3eb3c06d507
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 6CD05B54B1F641D1FE145766B6902781651FF4CFC4F445034DE1D07786DF6CE4558718
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C3AB58 Relevance: 2.6, APIs: 2, Instructions: 59COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            • CloseHandle.KERNEL32(?,?,?,00007FF7A0C3A9D5,?,?,00000000,00007FF7A0C3AA8A), ref: 00007FF7A0C3ABC6
                                                                                                                                                                                                                                                                                                            • GetLastError.KERNEL32(?,?,?,00007FF7A0C3A9D5,?,?,00000000,00007FF7A0C3AA8A), ref: 00007FF7A0C3ABD0
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: CloseErrorHandleLast
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 918212764-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: ae1e15d82824e1a5fac1c7302ca2ff5641fe0b0e43db7728cd9339717749910c
                                                                                                                                                                                                                                                                                                            • Instruction ID: d8dd5c150596643ef54e5c4f67985d534ed35eb148f65289c3e60f32028bec4f
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ae1e15d82824e1a5fac1c7302ca2ff5641fe0b0e43db7728cd9339717749910c
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4C210B21F2A64342FA68775194543FDE2839F84B94F961A38EA1E477F2CE6CF4544322
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C3BEAC Relevance: 1.6, APIs: 1, Instructions: 112COMMONLIBRARYCODE
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 3215553584-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: 5a303e376ae32d58fd1e52f1ac99a64fdc1cf63549abbe0bdd4da132c2ec767e
                                                                                                                                                                                                                                                                                                            • Instruction ID: eda53ca981845f7c22b914018ca98db67f2e245c43e40a89b40b75f3e43cc38f
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 5a303e376ae32d58fd1e52f1ac99a64fdc1cf63549abbe0bdd4da132c2ec767e
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: E641EC3692A24387E638AB59A4401F9F360EF59B40F511935D78E437E2CF6DF402CB62
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C27F90 Relevance: 1.6, APIs: 1, Instructions: 85COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: _fread_nolock
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 840049012-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: 4900000118834b7d6e4087b4962dc8428ce36fa7a7de64a54251ee196edfec95
                                                                                                                                                                                                                                                                                                            • Instruction ID: 30b3b4619e641c4418702b5ccf1c34575ac194ce60093973e9964805a1d7bb5b
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 4900000118834b7d6e4087b4962dc8428ce36fa7a7de64a54251ee196edfec95
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: CD219C21B1B65346EA54BB2269047FAD651BF49BC4FCA4830EE0C07B96CE7DF149C211
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C3B93C Relevance: 1.6, APIs: 1, Instructions: 79COMMONLIBRARYCODE
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 3215553584-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: c2d01373d3233558d420055387ebca2c39d1ce99b2c1a08127fa32cb0ba5fec2
                                                                                                                                                                                                                                                                                                            • Instruction ID: 18e230dedd5f0c82ce4b6f525105142d7de5f9746aa1d71a893deef8dd4873ce
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: c2d01373d3233558d420055387ebca2c39d1ce99b2c1a08127fa32cb0ba5fec2
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F0314F22A3A60385E6197B5594413FCE6A0AF84B95FC30935EB5D473E2DE7CB4418732
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C39961 Relevance: 1.6, APIs: 1, Instructions: 61COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: HandleModule$AddressFreeLibraryProc
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 3947729631-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: 42808d7c08696a35870eb95595f0ae95ff90971c005bfc8769c42bb91e99b0de
                                                                                                                                                                                                                                                                                                            • Instruction ID: c9b9c44ac999c700f21c70550ca16904bd67ce56038f0a6abf9640029fb97256
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 42808d7c08696a35870eb95595f0ae95ff90971c005bfc8769c42bb91e99b0de
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 38218271A167468AEB189F68C4802ECB7A0FB44719F850A3AD75C06BE5DF3CE544C751
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C35F94 Relevance: 1.6, APIs: 1, Instructions: 55COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 3215553584-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: d0ecc1d4814c8292f6d285d86e9f4332b8d7141ecd04c52723bb65a1ba9d936a
                                                                                                                                                                                                                                                                                                            • Instruction ID: 24ed4f738db88112f5e0ef5e8b7902d5aed39e7180ca44694f462f49292d4d96
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d0ecc1d4814c8292f6d285d86e9f4332b8d7141ecd04c52723bb65a1ba9d936a
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: EC114F31E3E64382EA68BF5194041F9E264AF89B84FC64831EA4C57BA6CF3DF5504762
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C46354 Relevance: 1.6, APIs: 1, Instructions: 54COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 3215553584-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: 3765a10cee1e255344ee37f065f4be71d58868c9c9e645b3056c9746d3493235
                                                                                                                                                                                                                                                                                                            • Instruction ID: fe732ede62f742b505b60e32d5da2a9bbaa564b4c134ad0bbb6c6ec2fef81281
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 3765a10cee1e255344ee37f065f4be71d58868c9c9e645b3056c9746d3493235
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: BF21D032A19A8386DB20AF18D0443B9F2A1FF84B54F954634EA5D877E9DF3DE4008B11
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C303BC Relevance: 1.5, APIs: 1, Instructions: 48COMMONLIBRARYCODE
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 3215553584-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: 8e9754deeba93abb4745aa2efb451e77357aefa8fb0fbddb16feb6c8c90fdd62
                                                                                                                                                                                                                                                                                                            • Instruction ID: d01dc6ac1d8d743c839dcaf890f2343185ac7187a14b963ea4dafddcce18292a
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 8e9754deeba93abb4745aa2efb451e77357aefa8fb0fbddb16feb6c8c90fdd62
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F901A522A2974340E50CEF5259100E9E691BF85FE0F9A4A31DE5C17BE6CE3CF5514311
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C28E80 Relevance: 1.5, APIs: 1, Instructions: 19libraryCOMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                              • Part of subcall function 00007FF7A0C29390: MultiByteToWideChar.KERNEL32(?,?,?,00007FF7A0C245F4,00000000,00007FF7A0C21985), ref: 00007FF7A0C293C9
                                                                                                                                                                                                                                                                                                            • LoadLibraryExW.KERNEL32(?,00007FF7A0C26476,?,00007FF7A0C2336E), ref: 00007FF7A0C28EA2
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: ByteCharLibraryLoadMultiWide
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 2592636585-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: 3eee33850ff877a76f59ec51b6af72cd7d073a691558276a485592abc3036afa
                                                                                                                                                                                                                                                                                                            • Instruction ID: 87d1a7ef71d1020f3818a76d50d1d8b96a1ed9b91b5ab0425afd7668f16c7142
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 3eee33850ff877a76f59ec51b6af72cd7d073a691558276a485592abc3036afa
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: C5D08C01B3624642EA48F777BA466AA9252AF8DBC0F888035EE4D03B6ADC3CE0414B00
                                                                                                                                                                                                                                                                                                            Function 00007FF8A8E2B040 Relevance: 1.5, APIs: 1, Instructions: 228COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3019302556.00007FF8A8DC1000.00000020.00000001.01000000.00000015.sdmp, Offset: 00007FF8A8DC0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019234443.00007FF8A8DC0000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019473856.00007FF8A8EF4000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019556538.00007FF8A8F23000.00000004.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019627658.00007FF8A8F28000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a8dc0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: memset
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 2221118986-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: ba1e97dfd34ae7d31428b3a6104273133c081eeb1aa2518f9192a7e5d415cc73
                                                                                                                                                                                                                                                                                                            • Instruction ID: 855beac4678e0819d67518cd6d14013cb97f5ee80c5244c78fc8f39de2f975e9
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ba1e97dfd34ae7d31428b3a6104273133c081eeb1aa2518f9192a7e5d415cc73
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 70C14F72A0AB82E5EF61DF21E8542BD23A4FF957C4F044535CE4D46668EF3CE1A08328
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C3D5FC Relevance: 1.3, APIs: 1, Instructions: 29memoryCOMMONLIBRARYCODE
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            • HeapAlloc.KERNEL32(?,?,?,00007FF7A0C30C90,?,?,?,00007FF7A0C322FA,?,?,?,?,?,00007FF7A0C33AE9), ref: 00007FF7A0C3D63A
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: AllocHeap
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 4292702814-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: 510c613edcbd96140e332c46b5608733b20d975e117422ad796dc4540c81bb80
                                                                                                                                                                                                                                                                                                            • Instruction ID: fce9fd3c355b958da05578e539194621d97d46a455ceebb96039faa21782f648
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 510c613edcbd96140e332c46b5608733b20d975e117422ad796dc4540c81bb80
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 9FF0DA50A2A24745FE68767268567F5D2B15F887A1F8A0E30E93E453E2DD2DF4808532

                                                                                                                                                                                                                                                                                                            Non-executed Functions

                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C289E0 Relevance: 70.3, APIs: 36, Strings: 4, Instructions: 257synchronizationwindowregistryCOMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: Message$ErrorLast$ObjectProcessSingleWait$CloseCreateHandlePeekWindow_invalid_parameter_noinfo$ByteCharClassCodeCommandConsoleCtrlCurrentDestroyDispatchExitFormatHandlerInfoLineMultiRegisterStartupTerminateTranslateWide
                                                                                                                                                                                                                                                                                                            • String ID: CreateProcessW$Failed to create child process!$PyInstaller Onefile Hidden Window$PyInstallerOnefileHiddenWindow
                                                                                                                                                                                                                                                                                                            • API String ID: 3832162212-3165540532
                                                                                                                                                                                                                                                                                                            • Opcode ID: 99838be411f58a84d89697932930ae4644c798f1dd42cd928399edbb9bf0e48e
                                                                                                                                                                                                                                                                                                            • Instruction ID: 324539aa36e1e3a7faa4901d4355a7077700b0ba9f679304f74ae0a77b443419
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 99838be411f58a84d89697932930ae4644c798f1dd42cd928399edbb9bf0e48e
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F2D17231A0AA8386E710AF74E8582EDB765FF88758F810635DA5D42BB5DF3CE148C720
                                                                                                                                                                                                                                                                                                            Function 00007FF8A8E842B0 Relevance: 21.5, APIs: 2, Strings: 12, Instructions: 452COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3019302556.00007FF8A8DC1000.00000020.00000001.01000000.00000015.sdmp, Offset: 00007FF8A8DC0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019234443.00007FF8A8DC0000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019473856.00007FF8A8EF4000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019556538.00007FF8A8F23000.00000004.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019627658.00007FF8A8F28000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a8dc0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: memcmpmemcpy
                                                                                                                                                                                                                                                                                                            • String ID: %s mode not allowed: %s$access$cach$cach$cache$file$invalid uri authority: %.*s$localhos$mode$mode$no such %s mode: %s$no such vfs: %s
                                                                                                                                                                                                                                                                                                            • API String ID: 1784268899-1067337024
                                                                                                                                                                                                                                                                                                            • Opcode ID: ea5b30896b8f601e2c558708f0cff121e52ec114d766bdc7e5f30d61455f35fa
                                                                                                                                                                                                                                                                                                            • Instruction ID: 2d3dcc33cfd32381e42402fe17a5ee9c602e87f35fd5029cb0a75a73d53b818f
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ea5b30896b8f601e2c558708f0cff121e52ec114d766bdc7e5f30d61455f35fa
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F8020172E0E686E5FB658B34901037D6AD1FB52BD8F844236DA6E436C1DF3DE4618328
                                                                                                                                                                                                                                                                                                            Function 00007FF8A7FF1950 Relevance: 13.9, APIs: 9, Instructions: 431COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011756386.00007FF8A7FF1000.00000020.00000001.01000000.00000018.sdmp, Offset: 00007FF8A7FF0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011682189.00007FF8A7FF0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A7FF6000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A803A000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A8048000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A8097000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3012219092.00007FF8A809A000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3012386348.00007FF8A809C000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a7ff0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: Mem_SubtypeType_$DataFreeFromKindMallocUnicode_
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 3500989990-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: 76cdbbed4ec85edb5246489e997a29ce274d103f94b2efc47d71435fe755d074
                                                                                                                                                                                                                                                                                                            • Instruction ID: a9b6b1d3f0b044854150bfd4897c6cfaa9f51986ddecd1ba8c08dd3f3832e84f
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 76cdbbed4ec85edb5246489e997a29ce274d103f94b2efc47d71435fe755d074
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: C202F372A0A596A2EB688F24D41467D37A5FF847C0F544132DA4E477D4EFBCEA44E700
                                                                                                                                                                                                                                                                                                            Function 00007FF8A7FF3248 Relevance: 13.6, APIs: 9, Instructions: 71COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011756386.00007FF8A7FF1000.00000020.00000001.01000000.00000018.sdmp, Offset: 00007FF8A7FF0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011682189.00007FF8A7FF0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A7FF6000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A803A000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A8048000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A8097000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3012219092.00007FF8A809A000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3012386348.00007FF8A809C000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a7ff0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: ExceptionFilterPresentUnhandledmemset$CaptureContextDebuggerEntryFeatureFunctionLookupProcessorUnwindVirtual
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 313767242-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: c016222525537ec18d5e696995a9a3f380ff0682bd70983648a287384bccb3b7
                                                                                                                                                                                                                                                                                                            • Instruction ID: de5db8d6d02ee3d88f10a04f0be3e24398791dcccce6f5484ee5a3af7303c284
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: c016222525537ec18d5e696995a9a3f380ff0682bd70983648a287384bccb3b7
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: E7313C7260AB819AEB648F70E8907ED7364FB84784F44403ADA4E47B99EF7CD648D710
                                                                                                                                                                                                                                                                                                            Function 00007FF8A8E3CF30 Relevance: 12.4, APIs: 1, Strings: 7, Instructions: 441COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3019302556.00007FF8A8DC1000.00000020.00000001.01000000.00000015.sdmp, Offset: 00007FF8A8DC0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019234443.00007FF8A8DC0000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019473856.00007FF8A8EF4000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019556538.00007FF8A8F23000.00000004.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019627658.00007FF8A8F28000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a8dc0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: memcpy
                                                                                                                                                                                                                                                                                                            • String ID: %s at line %d of [%.10s]$8653b758870e6ef0c98d46b3ace27849054af85da891eb121e9aaa537f1e8355$API call with %s database connection pointer$NULL$invalid$misuse$unopened
                                                                                                                                                                                                                                                                                                            • API String ID: 3510742995-509082904
                                                                                                                                                                                                                                                                                                            • Opcode ID: 1ff93b19acef037b607622b43eb6c257e7d5ff2c26ba520d38833d9bdf7282cf
                                                                                                                                                                                                                                                                                                            • Instruction ID: 14a9a1b7642cdad28d278517778659e7e95ce9e4dc40260ab39088c1e6cbb450
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 1ff93b19acef037b607622b43eb6c257e7d5ff2c26ba520d38833d9bdf7282cf
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 77129C71B0BA42E5FB649F21A4503796BA1FF80BC8F184035DE5E87694DF3CE8658328
                                                                                                                                                                                                                                                                                                            Function 00007FF8A8DCFA10 Relevance: 12.4, APIs: 2, Strings: 6, Instructions: 404COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3019302556.00007FF8A8DC1000.00000020.00000001.01000000.00000015.sdmp, Offset: 00007FF8A8DC0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019234443.00007FF8A8DC0000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019473856.00007FF8A8EF4000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019556538.00007FF8A8F23000.00000004.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019627658.00007FF8A8F28000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a8dc0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: memset
                                                                                                                                                                                                                                                                                                            • String ID: abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789$etilqs_$winGetTempname1$winGetTempname2$winGetTempname4$winGetTempname5
                                                                                                                                                                                                                                                                                                            • API String ID: 2221118986-463513059
                                                                                                                                                                                                                                                                                                            • Opcode ID: 6232733e76b48e2c560fcbb2eeae0b02753112b4e2aae1f9aa9c7ba037d08091
                                                                                                                                                                                                                                                                                                            • Instruction ID: b8342d79727f5eeb2a05fc8aec2b8dba1153f40258fbdd98c144a9682858b90a
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 6232733e76b48e2c560fcbb2eeae0b02753112b4e2aae1f9aa9c7ba037d08091
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 70E12692B1E3C617EA0D8B3925111786B91EB557C0F54813ADEAE437D2EF3CB51AC324
                                                                                                                                                                                                                                                                                                            Function 00007FF8A8DEE5C0 Relevance: 12.4, APIs: 1, Strings: 7, Instructions: 402COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3019302556.00007FF8A8DC1000.00000020.00000001.01000000.00000015.sdmp, Offset: 00007FF8A8DC0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019234443.00007FF8A8DC0000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019473856.00007FF8A8EF4000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019556538.00007FF8A8F23000.00000004.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019627658.00007FF8A8F28000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a8dc0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: memset
                                                                                                                                                                                                                                                                                                            • String ID: Bad ptr map entry key=%u expected=(%u,%u) got=(%u,%u)$Failed to read ptrmap key=%u$Freelist: $Page %u: never used$Page %u: pointer map referenced$incremental_vacuum enabled with a max rootpage of zero$max rootpage (%u) disagrees with header (%u)
                                                                                                                                                                                                                                                                                                            • API String ID: 2221118986-741541785
                                                                                                                                                                                                                                                                                                            • Opcode ID: f73c482e994c03ef3d04b2196cc4bb57828e1c0ed56e3ea4c15825dcb6c121e9
                                                                                                                                                                                                                                                                                                            • Instruction ID: 5ac28aef9a048629be9c81c0715567a11288c56c90578654ee7b29011e9acb91
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: f73c482e994c03ef3d04b2196cc4bb57828e1c0ed56e3ea4c15825dcb6c121e9
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 2D02AF72F0A6429BE724DB66E88027D77A1FB84788F100139DA5E47B94EF3CE448CB14
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C283C0 Relevance: 12.3, APIs: 6, Strings: 1, Instructions: 89fileCOMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            • FindFirstFileW.KERNEL32(?,00007FF7A0C28919,00007FF7A0C23FA5), ref: 00007FF7A0C2842B
                                                                                                                                                                                                                                                                                                            • RemoveDirectoryW.KERNEL32(?,00007FF7A0C28919,00007FF7A0C23FA5), ref: 00007FF7A0C284AE
                                                                                                                                                                                                                                                                                                            • DeleteFileW.KERNEL32(?,00007FF7A0C28919,00007FF7A0C23FA5), ref: 00007FF7A0C284CD
                                                                                                                                                                                                                                                                                                            • FindNextFileW.KERNEL32(?,00007FF7A0C28919,00007FF7A0C23FA5), ref: 00007FF7A0C284DB
                                                                                                                                                                                                                                                                                                            • FindClose.KERNEL32(?,00007FF7A0C28919,00007FF7A0C23FA5), ref: 00007FF7A0C284EC
                                                                                                                                                                                                                                                                                                            • RemoveDirectoryW.KERNEL32(?,00007FF7A0C28919,00007FF7A0C23FA5), ref: 00007FF7A0C284F5
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: FileFind$DirectoryRemove$CloseDeleteFirstNext
                                                                                                                                                                                                                                                                                                            • String ID: %s\*
                                                                                                                                                                                                                                                                                                            • API String ID: 1057558799-766152087
                                                                                                                                                                                                                                                                                                            • Opcode ID: 9215641a051a597ab69d89bbe09b444c24fb25eba6eed844fe9e008ab190e420
                                                                                                                                                                                                                                                                                                            • Instruction ID: 33cc71f86f9548fc4d57eb5c3aaba5799c5d0bf2e36ed91d10fe7c64f97fb7cf
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 9215641a051a597ab69d89bbe09b444c24fb25eba6eed844fe9e008ab190e420
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: A4416321A0F54385EA20BB34E4581FAA361FF98754FC60A31E55D42BE5EF3CF6498750
                                                                                                                                                                                                                                                                                                            Function 00007FF8A7FF1300 Relevance: 10.9, APIs: 7, Instructions: 375COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011756386.00007FF8A7FF1000.00000020.00000001.01000000.00000018.sdmp, Offset: 00007FF8A7FF0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011682189.00007FF8A7FF0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A7FF6000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A803A000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A8048000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A8097000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3012219092.00007FF8A809A000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3012386348.00007FF8A809C000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a7ff0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: Mem_$MallocSubtypeType_$DeallocErr_FreeMemory
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 4139299733-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: f3b34b9a491a7328e3479242aa4f01da2548d41b57f80c50a6892646becf0bf0
                                                                                                                                                                                                                                                                                                            • Instruction ID: 4e1c39bc54d425e5e055ecab0c10eee9399e50f7cef877386f0f025dc9f9cf26
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: f3b34b9a491a7328e3479242aa4f01da2548d41b57f80c50a6892646becf0bf0
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F1F1F072A1E992A1EB28CF29D41467D37A4FB85BC0F540135DE4E827D4EFACEA41E700
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C2D12C Relevance: 10.6, APIs: 7, Instructions: 71COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: ExceptionFilterPresentUnhandled$CaptureContextDebuggerEntryFeatureFunctionLookupProcessorUnwindVirtual
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 3140674995-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: 357b26123f7cc0566be18cabbec560c6351d8abd4e8582c9dfa9d4018571b442
                                                                                                                                                                                                                                                                                                            • Instruction ID: c935b4319935a4d879c4c05f9de4dc071fab45e3e209f89a8bb6cb5d75732d31
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 357b26123f7cc0566be18cabbec560c6351d8abd4e8582c9dfa9d4018571b442
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 97315372609B8286EB60AF60E8443EDB361FB94704F454439DA4E47BA5DF7DD548C710
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C45C00 Relevance: 9.3, APIs: 6, Instructions: 334timeCOMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            • _get_daylight.LIBCMT ref: 00007FF7A0C45C45
                                                                                                                                                                                                                                                                                                              • Part of subcall function 00007FF7A0C45598: _invalid_parameter_noinfo.LIBCMT ref: 00007FF7A0C455AC
                                                                                                                                                                                                                                                                                                              • Part of subcall function 00007FF7A0C3A948: HeapFree.KERNEL32(?,?,?,00007FF7A0C42D22,?,?,?,00007FF7A0C42D5F,?,?,00000000,00007FF7A0C43225,?,?,?,00007FF7A0C43157), ref: 00007FF7A0C3A95E
                                                                                                                                                                                                                                                                                                              • Part of subcall function 00007FF7A0C3A948: GetLastError.KERNEL32(?,?,?,00007FF7A0C42D22,?,?,?,00007FF7A0C42D5F,?,?,00000000,00007FF7A0C43225,?,?,?,00007FF7A0C43157), ref: 00007FF7A0C3A968
                                                                                                                                                                                                                                                                                                              • Part of subcall function 00007FF7A0C3A900: IsProcessorFeaturePresent.KERNEL32(?,?,?,?,00007FF7A0C3A8DF,?,?,?,?,?,00007FF7A0C3A7CA), ref: 00007FF7A0C3A909
                                                                                                                                                                                                                                                                                                              • Part of subcall function 00007FF7A0C3A900: GetCurrentProcess.KERNEL32(?,?,?,?,00007FF7A0C3A8DF,?,?,?,?,?,00007FF7A0C3A7CA), ref: 00007FF7A0C3A92E
                                                                                                                                                                                                                                                                                                            • _get_daylight.LIBCMT ref: 00007FF7A0C45C34
                                                                                                                                                                                                                                                                                                              • Part of subcall function 00007FF7A0C455F8: _invalid_parameter_noinfo.LIBCMT ref: 00007FF7A0C4560C
                                                                                                                                                                                                                                                                                                            • _get_daylight.LIBCMT ref: 00007FF7A0C45EAA
                                                                                                                                                                                                                                                                                                            • _get_daylight.LIBCMT ref: 00007FF7A0C45EBB
                                                                                                                                                                                                                                                                                                            • _get_daylight.LIBCMT ref: 00007FF7A0C45ECC
                                                                                                                                                                                                                                                                                                            • GetTimeZoneInformation.KERNEL32(?,?,?,?,?,?,?,?,?,00000000,?,00007FF7A0C4610C), ref: 00007FF7A0C45EF3
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: _get_daylight$_invalid_parameter_noinfo$CurrentErrorFeatureFreeHeapInformationLastPresentProcessProcessorTimeZone
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 4070488512-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: 677ea417f3249c8bdb60afb6413c0575e0f743ff33606516b420b369f71394b1
                                                                                                                                                                                                                                                                                                            • Instruction ID: c827a8b704efc6133748e72e1c55aa9692c1883c1f362e0ed5c52e182f8ecf8e
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 677ea417f3249c8bdb60afb6413c0575e0f743ff33606516b420b369f71394b1
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: C4D1BE26E0A24346E724BF21D4581F9B762FF84B84FC69835EA0D477A6DE3EF4418760
                                                                                                                                                                                                                                                                                                            Function 00007FF8A8DC7336 Relevance: 9.3, APIs: 2, Strings: 4, Instructions: 332COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3019302556.00007FF8A8DC1000.00000020.00000001.01000000.00000015.sdmp, Offset: 00007FF8A8DC0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019234443.00007FF8A8DC0000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019473856.00007FF8A8EF4000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019556538.00007FF8A8F23000.00000004.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019627658.00007FF8A8F28000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a8dc0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                            • String ID: -x0$0123456789ABCDEF0123456789abcdef$VUUU$VUUU
                                                                                                                                                                                                                                                                                                            • API String ID: 0-2031831958
                                                                                                                                                                                                                                                                                                            • Opcode ID: 27ee5c829f6d79043f4cbad637b212a471c0560ebe4aff584a080aef168f4e0b
                                                                                                                                                                                                                                                                                                            • Instruction ID: dc4705d3f1e3d1c31c6392c37aea82d5da04d6ffa73b1e872d86bddc02140df4
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 27ee5c829f6d79043f4cbad637b212a471c0560ebe4aff584a080aef168f4e0b
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 11D123A2B1E68296DB648B38D094B7D6BA5FB557C0F4A8035DF6E43781DF2CE804C724
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C3A614 Relevance: 9.1, APIs: 6, Instructions: 83COMMONLIBRARYCODE
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: ExceptionFilterUnhandled$CaptureContextDebuggerEntryFunctionLookupPresentUnwindVirtual
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 1239891234-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: ae2d74aaff6e8c1310ec24f87c3395aa5518f909cdba62f6f822c67f0a9cc142
                                                                                                                                                                                                                                                                                                            • Instruction ID: 300dd730e0cc79b14c32d4f3ee152c6967fd17efc31939cffd16bcc5c11ca1c8
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ae2d74aaff6e8c1310ec24f87c3395aa5518f909cdba62f6f822c67f0a9cc142
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: B1318F36619B8286EB20DF24E8442EEB3A4FF88754F950535EA8D43BA5DF3CE155CB10
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C41874 Relevance: 7.8, APIs: 5, Instructions: 282COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: FileFindFirst_invalid_parameter_noinfo
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 2227656907-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: 471de8175ffa50438b20796c5ba06e190623de8bcba55c14971da5e7bf2bc1ae
                                                                                                                                                                                                                                                                                                            • Instruction ID: 8f47c1df54dd19581ccb3d6a9338177c0f2e1ebd6525b9d334719a93ff1fff84
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 471de8175ffa50438b20796c5ba06e190623de8bcba55c14971da5e7bf2bc1ae
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: B8B1E562B5A68341EA60EB21D4182F9E392FF44BE4F865931DE9D07BE5DE3DF4418310
                                                                                                                                                                                                                                                                                                            Function 00007FF8A8DE8020 Relevance: 6.6, APIs: 5, Instructions: 362COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3019302556.00007FF8A8DC1000.00000020.00000001.01000000.00000015.sdmp, Offset: 00007FF8A8DC0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019234443.00007FF8A8DC0000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019473856.00007FF8A8EF4000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019556538.00007FF8A8F23000.00000004.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019627658.00007FF8A8F28000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a8dc0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: memcpy$memset
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 438689982-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: dba73455f6f234f8bbefecc76f180073ee716590355594a84bd531c554655bcd
                                                                                                                                                                                                                                                                                                            • Instruction ID: be8f2b26b45c693cc24b788ea0f26577aefd51f8eec19a683b68f0ea575c7125
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: dba73455f6f234f8bbefecc76f180073ee716590355594a84bd531c554655bcd
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: BEE1EE72A1A7819BEB908F2AD0407AD77A1FB49BC4F048036EE4E57785EF3DE4598314
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C45E7C Relevance: 6.1, APIs: 4, Instructions: 143timeCOMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            • _get_daylight.LIBCMT ref: 00007FF7A0C45EAA
                                                                                                                                                                                                                                                                                                              • Part of subcall function 00007FF7A0C455F8: _invalid_parameter_noinfo.LIBCMT ref: 00007FF7A0C4560C
                                                                                                                                                                                                                                                                                                            • _get_daylight.LIBCMT ref: 00007FF7A0C45EBB
                                                                                                                                                                                                                                                                                                              • Part of subcall function 00007FF7A0C45598: _invalid_parameter_noinfo.LIBCMT ref: 00007FF7A0C455AC
                                                                                                                                                                                                                                                                                                            • _get_daylight.LIBCMT ref: 00007FF7A0C45ECC
                                                                                                                                                                                                                                                                                                              • Part of subcall function 00007FF7A0C455C8: _invalid_parameter_noinfo.LIBCMT ref: 00007FF7A0C455DC
                                                                                                                                                                                                                                                                                                              • Part of subcall function 00007FF7A0C3A948: HeapFree.KERNEL32(?,?,?,00007FF7A0C42D22,?,?,?,00007FF7A0C42D5F,?,?,00000000,00007FF7A0C43225,?,?,?,00007FF7A0C43157), ref: 00007FF7A0C3A95E
                                                                                                                                                                                                                                                                                                              • Part of subcall function 00007FF7A0C3A948: GetLastError.KERNEL32(?,?,?,00007FF7A0C42D22,?,?,?,00007FF7A0C42D5F,?,?,00000000,00007FF7A0C43225,?,?,?,00007FF7A0C43157), ref: 00007FF7A0C3A968
                                                                                                                                                                                                                                                                                                            • GetTimeZoneInformation.KERNEL32(?,?,?,?,?,?,?,?,?,00000000,?,00007FF7A0C4610C), ref: 00007FF7A0C45EF3
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: _get_daylight_invalid_parameter_noinfo$ErrorFreeHeapInformationLastTimeZone
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 3458911817-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: 179af59534a267e8b56f66eebf2dbf2058aebcf107c16e98e161f461d30bd41f
                                                                                                                                                                                                                                                                                                            • Instruction ID: 77d9c561876c5e4056c4f1d2fcd7da5cc39117dd5bb79681f97adc3b76609f78
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 179af59534a267e8b56f66eebf2dbf2058aebcf107c16e98e161f461d30bd41f
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: E5516A26E0A64386E720EF21D8851E9B762BF88784F825935EA4D437B6DF3DF4418760
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C25830 Relevance: 229.6, APIs: 86, Strings: 45, Instructions: 400libraryloaderCOMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            • GetProcAddress.KERNEL32(?,00007FF7A0C264CF,?,00007FF7A0C2336E), ref: 00007FF7A0C25840
                                                                                                                                                                                                                                                                                                            • GetLastError.KERNEL32(?,00007FF7A0C264CF,?,00007FF7A0C2336E), ref: 00007FF7A0C25852
                                                                                                                                                                                                                                                                                                            • GetProcAddress.KERNEL32(?,00007FF7A0C264CF,?,00007FF7A0C2336E), ref: 00007FF7A0C25889
                                                                                                                                                                                                                                                                                                            • GetLastError.KERNEL32(?,00007FF7A0C264CF,?,00007FF7A0C2336E), ref: 00007FF7A0C2589B
                                                                                                                                                                                                                                                                                                            • GetProcAddress.KERNEL32(?,00007FF7A0C264CF,?,00007FF7A0C2336E), ref: 00007FF7A0C258B4
                                                                                                                                                                                                                                                                                                            • GetLastError.KERNEL32(?,00007FF7A0C264CF,?,00007FF7A0C2336E), ref: 00007FF7A0C258C6
                                                                                                                                                                                                                                                                                                            • GetProcAddress.KERNEL32(?,00007FF7A0C264CF,?,00007FF7A0C2336E), ref: 00007FF7A0C258DF
                                                                                                                                                                                                                                                                                                            • GetLastError.KERNEL32(?,00007FF7A0C264CF,?,00007FF7A0C2336E), ref: 00007FF7A0C258F1
                                                                                                                                                                                                                                                                                                            • GetProcAddress.KERNEL32(?,00007FF7A0C264CF,?,00007FF7A0C2336E), ref: 00007FF7A0C2590D
                                                                                                                                                                                                                                                                                                            • GetLastError.KERNEL32(?,00007FF7A0C264CF,?,00007FF7A0C2336E), ref: 00007FF7A0C2591F
                                                                                                                                                                                                                                                                                                            • GetProcAddress.KERNEL32(?,00007FF7A0C264CF,?,00007FF7A0C2336E), ref: 00007FF7A0C2593B
                                                                                                                                                                                                                                                                                                            • GetLastError.KERNEL32(?,00007FF7A0C264CF,?,00007FF7A0C2336E), ref: 00007FF7A0C2594D
                                                                                                                                                                                                                                                                                                            • GetProcAddress.KERNEL32(?,00007FF7A0C264CF,?,00007FF7A0C2336E), ref: 00007FF7A0C25969
                                                                                                                                                                                                                                                                                                            • GetLastError.KERNEL32(?,00007FF7A0C264CF,?,00007FF7A0C2336E), ref: 00007FF7A0C2597B
                                                                                                                                                                                                                                                                                                            • GetProcAddress.KERNEL32(?,00007FF7A0C264CF,?,00007FF7A0C2336E), ref: 00007FF7A0C25997
                                                                                                                                                                                                                                                                                                            • GetLastError.KERNEL32(?,00007FF7A0C264CF,?,00007FF7A0C2336E), ref: 00007FF7A0C259A9
                                                                                                                                                                                                                                                                                                            • GetProcAddress.KERNEL32(?,00007FF7A0C264CF,?,00007FF7A0C2336E), ref: 00007FF7A0C259C5
                                                                                                                                                                                                                                                                                                            • GetLastError.KERNEL32(?,00007FF7A0C264CF,?,00007FF7A0C2336E), ref: 00007FF7A0C259D7
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: AddressErrorLastProc
                                                                                                                                                                                                                                                                                                            • String ID: Failed to get address for %hs$GetProcAddress$PyConfig_Clear$PyConfig_InitIsolatedConfig$PyConfig_Read$PyConfig_SetBytesString$PyConfig_SetString$PyConfig_SetWideStringList$PyErr_Clear$PyErr_Fetch$PyErr_NormalizeException$PyErr_Occurred$PyErr_Print$PyErr_Restore$PyEval_EvalCode$PyImport_AddModule$PyImport_ExecCodeModule$PyImport_ImportModule$PyMarshal_ReadObjectFromString$PyMem_RawFree$PyModule_GetDict$PyObject_CallFunction$PyObject_CallFunctionObjArgs$PyObject_GetAttrString$PyObject_SetAttrString$PyObject_Str$PyPreConfig_InitIsolatedConfig$PyRun_SimpleStringFlags$PyStatus_Exception$PySys_GetObject$PySys_SetObject$PyUnicode_AsUTF8$PyUnicode_Decode$PyUnicode_DecodeFSDefault$PyUnicode_FromFormat$PyUnicode_FromString$PyUnicode_Join$PyUnicode_Replace$Py_DecRef$Py_DecodeLocale$Py_ExitStatusException$Py_Finalize$Py_InitializeFromConfig$Py_IsInitialized$Py_PreInitialize
                                                                                                                                                                                                                                                                                                            • API String ID: 199729137-653951865
                                                                                                                                                                                                                                                                                                            • Opcode ID: a72b1b0889ffc37889110ad0e4f068dcb4eb8b0bbe2e77bf2d8672c26fae6e03
                                                                                                                                                                                                                                                                                                            • Instruction ID: d9a7490e08c8789a4b7033e7c457f5daa0a9d00f6472c95c89b3bd138d3127c2
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: a72b1b0889ffc37889110ad0e4f068dcb4eb8b0bbe2e77bf2d8672c26fae6e03
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 0F22CC64E0BB0791FA55BB65A8585F6A2A2BF08746FC71C35C81E027B1FF7EB1449230
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C276C0 Relevance: 177.1, APIs: 66, Strings: 35, Instructions: 314libraryloaderCOMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: AddressErrorLastProc
                                                                                                                                                                                                                                                                                                            • String ID: Failed to get address for %hs$GetProcAddress$Tcl_Alloc$Tcl_ConditionFinalize$Tcl_ConditionNotify$Tcl_ConditionWait$Tcl_CreateInterp$Tcl_CreateObjCommand$Tcl_CreateThread$Tcl_DeleteInterp$Tcl_DoOneEvent$Tcl_EvalEx$Tcl_EvalFile$Tcl_EvalObjv$Tcl_Finalize$Tcl_FinalizeThread$Tcl_FindExecutable$Tcl_Free$Tcl_GetCurrentThread$Tcl_GetObjResult$Tcl_GetString$Tcl_GetVar2$Tcl_Init$Tcl_JoinThread$Tcl_MutexFinalize$Tcl_MutexLock$Tcl_MutexUnlock$Tcl_NewByteArrayObj$Tcl_NewStringObj$Tcl_SetVar2$Tcl_SetVar2Ex$Tcl_ThreadAlert$Tcl_ThreadQueueEvent$Tk_GetNumMainWindows$Tk_Init
                                                                                                                                                                                                                                                                                                            • API String ID: 199729137-3427451314
                                                                                                                                                                                                                                                                                                            • Opcode ID: 939c8a0ebf27c7f5789cd4a10996167767bc86255d761b2ba34a42bc6fc861e3
                                                                                                                                                                                                                                                                                                            • Instruction ID: 46a50e5e8d03a5f8eb59372df323b40e41f4719ce701d9a57032d7a928cca4e3
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 939c8a0ebf27c7f5789cd4a10996167767bc86255d761b2ba34a42bc6fc861e3
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: D902DBA4A0FB0781EA15BB65B8982F5A362BF08756FC71D31D81E02771EF7DB4498231
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C281D0 Relevance: 24.6, APIs: 6, Strings: 8, Instructions: 117COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                              • Part of subcall function 00007FF7A0C29390: MultiByteToWideChar.KERNEL32(?,?,?,00007FF7A0C245F4,00000000,00007FF7A0C21985), ref: 00007FF7A0C293C9
                                                                                                                                                                                                                                                                                                            • ExpandEnvironmentStringsW.KERNEL32(?,00007FF7A0C286B7,?,?,00000000,00007FF7A0C23CBB), ref: 00007FF7A0C2822C
                                                                                                                                                                                                                                                                                                              • Part of subcall function 00007FF7A0C22810: MessageBoxW.USER32 ref: 00007FF7A0C228EA
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: ByteCharEnvironmentExpandMessageMultiStringsWide
                                                                                                                                                                                                                                                                                                            • String ID: %.*s$CreateDirectory$LOADER: failed to convert runtime-tmpdir to a wide string.$LOADER: failed to create runtime-tmpdir path %ls!$LOADER: failed to expand environment variables in the runtime-tmpdir.$LOADER: failed to obtain the absolute path of the runtime-tmpdir.$LOADER: runtime-tmpdir points to non-existent drive %ls (type: %d)!$\
                                                                                                                                                                                                                                                                                                            • API String ID: 1662231829-930877121
                                                                                                                                                                                                                                                                                                            • Opcode ID: 34679b23be2e6a85bad270fe565fa16c5e09c528fb77942a9d4832d630ea4d55
                                                                                                                                                                                                                                                                                                            • Instruction ID: 6c537215c45039fb5d3440ec8b358b33ef074aaaa05422ca639c488c238221af
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 34679b23be2e6a85bad270fe565fa16c5e09c528fb77942a9d4832d630ea4d55
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: E1515421A2B64391FA54FB35D8552FAE251BF98780FC64C31D60E42BF5EE2CF5048760
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C21600 Relevance: 22.9, APIs: 1, Strings: 12, Instructions: 145COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: CurrentProcess
                                                                                                                                                                                                                                                                                                            • String ID: Failed to create symbolic link %s!$Failed to extract %s: failed to allocate temporary buffer!$Failed to extract %s: failed to open archive file!$Failed to extract %s: failed to open target file!$Failed to extract %s: failed to read data chunk!$Failed to extract %s: failed to seek to the entry's data!$Failed to extract %s: failed to write data chunk!$fopen$fread$fseek$fwrite$malloc
                                                                                                                                                                                                                                                                                                            • API String ID: 2050909247-1550345328
                                                                                                                                                                                                                                                                                                            • Opcode ID: d8e1660e306644a3059456114562463667108454f96654c664cb3035ad910b0d
                                                                                                                                                                                                                                                                                                            • Instruction ID: d6f4df54ebc36c72ad737d9ca70f71c8ce827a8c773887b8937b603b2112f310
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d8e1660e306644a3059456114562463667108454f96654c664cb3035ad910b0d
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 6751BC21B0A64392EA14BB6594401F9E3A1BF98B94FC64D31EE0C07BF6EE3DF5458720
                                                                                                                                                                                                                                                                                                            Function 00007FF8A7FF4B94 Relevance: 21.1, APIs: 7, Strings: 5, Instructions: 93COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011756386.00007FF8A7FF1000.00000020.00000001.01000000.00000018.sdmp, Offset: 00007FF8A7FF0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011682189.00007FF8A7FF0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A7FF6000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A803A000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A8048000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A8097000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3012219092.00007FF8A809A000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3012386348.00007FF8A809C000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a7ff0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: CompareUnicode_$DeallocStringWith
                                                                                                                                                                                                                                                                                                            • String ID: NFC$NFD$NFKC$NFKD$invalid normalization form
                                                                                                                                                                                                                                                                                                            • API String ID: 1004266020-3528878251
                                                                                                                                                                                                                                                                                                            • Opcode ID: 74b9620dcdea853079a1270c98b22e6a74a71ffef3b70556d2d0268c14110fd8
                                                                                                                                                                                                                                                                                                            • Instruction ID: fd4df814a282d1daa67f05f828d5b43b5fdad22a649bca5cab440abc3aeba970
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 74b9620dcdea853079a1270c98b22e6a74a71ffef3b70556d2d0268c14110fd8
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: FE316C21B0AA53A1EA548F32E8A433D63A1FF45FD5F448039D90E477A5EFADE604B310
                                                                                                                                                                                                                                                                                                            Function 00007FF8A7FF11C0 Relevance: 19.4, APIs: 6, Strings: 5, Instructions: 153COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011756386.00007FF8A7FF1000.00000020.00000001.01000000.00000018.sdmp, Offset: 00007FF8A7FF0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011682189.00007FF8A7FF0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A7FF6000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A803A000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A8048000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A8097000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3012219092.00007FF8A809A000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3012386348.00007FF8A809C000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a7ff0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: CompareStringUnicode_With$MallocMem_SubtypeType_
                                                                                                                                                                                                                                                                                                            • String ID: NFC$NFD$NFKC$NFKD$invalid normalization form
                                                                                                                                                                                                                                                                                                            • API String ID: 2156454041-3528878251
                                                                                                                                                                                                                                                                                                            • Opcode ID: da3b54f35a8fb496e7d97c3fec9d3f2a0cbd8ed79af4ca103da2bfe7283e7162
                                                                                                                                                                                                                                                                                                            • Instruction ID: 7de29b313c6736326140afdffa028cc199468ee7cf13212e5a024a078ce6cb0d
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: da3b54f35a8fb496e7d97c3fec9d3f2a0cbd8ed79af4ca103da2bfe7283e7162
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 91519D21A1E653A2FE648FB69C9067E6395EF42BC0F045035DE4E87A81DFACE700B300
                                                                                                                                                                                                                                                                                                            Function 00007FF8A7FF4768 Relevance: 19.4, APIs: 6, Strings: 5, Instructions: 109COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011756386.00007FF8A7FF1000.00000020.00000001.01000000.00000018.sdmp, Offset: 00007FF8A7FF0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011682189.00007FF8A7FF0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A7FF6000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A803A000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A8048000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A8097000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3012219092.00007FF8A809A000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3012386348.00007FF8A809C000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a7ff0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: Arg_ArgumentFromStringSubtypeType_Unicode_
                                                                                                                                                                                                                                                                                                            • String ID: $%04X$a unicode character$argument$decomposition
                                                                                                                                                                                                                                                                                                            • API String ID: 1318908108-4056541097
                                                                                                                                                                                                                                                                                                            • Opcode ID: 3b76a624b36cde7d8a71620bff0719cf73dd2bf4325b1108dfc60d55c9fd7842
                                                                                                                                                                                                                                                                                                            • Instruction ID: 64707467c18774633bbae89cc19db5cd99e93f1a16173ac55de3806e989d81b9
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 3b76a624b36cde7d8a71620bff0719cf73dd2bf4325b1108dfc60d55c9fd7842
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 1741DA62E0AAC161EB258F25E8503BD23A0FF45BE4F444235CA5E476D5DFBCE655D300
                                                                                                                                                                                                                                                                                                            Function 00007FF8A7FF26F0 Relevance: 19.3, APIs: 7, Strings: 4, Instructions: 61COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011756386.00007FF8A7FF1000.00000020.00000001.01000000.00000018.sdmp, Offset: 00007FF8A7FF0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011682189.00007FF8A7FF0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A7FF6000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A803A000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A8048000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A8097000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3012219092.00007FF8A809A000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3012386348.00007FF8A809C000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a7ff0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: Module_$DeallocObject_$ConstantFromSpecStringTrackTypeType_
                                                                                                                                                                                                                                                                                                            • String ID: 15.1.0$_ucnhash_CAPI$ucd_3_2_0$unidata_version
                                                                                                                                                                                                                                                                                                            • API String ID: 1134076213-2982225328
                                                                                                                                                                                                                                                                                                            • Opcode ID: 8afc514a58662c608f6159bfe6782b51e6e0053e826c89357b0d76cfa910b95c
                                                                                                                                                                                                                                                                                                            • Instruction ID: 2b830cf5c57f0f304a507c71ae0ba45f9d93c6cc8d77a56280df65ee82b6e6a3
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 8afc514a58662c608f6159bfe6782b51e6e0053e826c89357b0d76cfa910b95c
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 3B218E22A2EA03A1FB044F31ED6427C23A0EF45FE0F044039D90D467A6DFADE706A304
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C22180 Relevance: 17.6, APIs: 9, Strings: 1, Instructions: 120COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: MoveWindow$ObjectSelect$DrawReleaseText
                                                                                                                                                                                                                                                                                                            • String ID: P%
                                                                                                                                                                                                                                                                                                            • API String ID: 2147705588-2959514604
                                                                                                                                                                                                                                                                                                            • Opcode ID: 044398bc2faddcfc72e28419b1c607044beef288ba0900b5e0371f537bcab75f
                                                                                                                                                                                                                                                                                                            • Instruction ID: 8a119bccb1eced48af6443c9e4ef596c85a9c47d713e5179922e18a0bf6ca3e7
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 044398bc2faddcfc72e28419b1c607044beef288ba0900b5e0371f537bcab75f
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: A551E7266057A286D634AF36E4181BAF7A1FB98B61F004121EBDE43795DF3CE045DB20
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C280C0 Relevance: 17.6, APIs: 9, Strings: 1, Instructions: 67COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: LongWindow$BlockCreateErrorLastReasonShutdown
                                                                                                                                                                                                                                                                                                            • String ID: Needs to remove its temporary files.
                                                                                                                                                                                                                                                                                                            • API String ID: 3975851968-2863640275
                                                                                                                                                                                                                                                                                                            • Opcode ID: fca9629812ae98fc4dea80e51924cd1fa5b6a95a0379263e815d251d6ca0a567
                                                                                                                                                                                                                                                                                                            • Instruction ID: 66f8335a4ca638564a67118e3c11fb46579fb3cac4aa9e30c69e7074a9148b07
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: fca9629812ae98fc4dea80e51924cd1fa5b6a95a0379263e815d251d6ca0a567
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 6121A821B0BA4381E7417B7AA8581BDE251FF88B90F9A5530DA1D437F6DE2CF5958220
                                                                                                                                                                                                                                                                                                            Function 00007FF8A8E3D610 Relevance: 16.9, APIs: 2, Strings: 9, Instructions: 386COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3019302556.00007FF8A8DC1000.00000020.00000001.01000000.00000015.sdmp, Offset: 00007FF8A8DC0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019234443.00007FF8A8DC0000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019473856.00007FF8A8EF4000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019556538.00007FF8A8F23000.00000004.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019627658.00007FF8A8F28000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a8dc0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                            • String ID: %s.%s$_init$error during initialization: %s$lib$no entry point [%s] in shared library [%s]$not authorized$sqlite3_$sqlite3_extension_init$unable to open shared library [%.*s]
                                                                                                                                                                                                                                                                                                            • API String ID: 0-3733955532
                                                                                                                                                                                                                                                                                                            • Opcode ID: 05a199fa49fd736cdf39f7366473616b6a6e65ad5fc1c24130039290ae80ddf7
                                                                                                                                                                                                                                                                                                            • Instruction ID: 42a000ba57478e54908c9df0011f3a23aa457b6cf3fcc8eff8d67849247f65f4
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 05a199fa49fd736cdf39f7366473616b6a6e65ad5fc1c24130039290ae80ddf7
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 06029171B0BA83E5EB158B21A4543B967A0FF45BC1F084135DE5E866A0EF3CE924C328
                                                                                                                                                                                                                                                                                                            Function 00007FF8A7FF492C Relevance: 15.8, APIs: 5, Strings: 4, Instructions: 62COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011756386.00007FF8A7FF1000.00000020.00000001.01000000.00000018.sdmp, Offset: 00007FF8A7FF0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011682189.00007FF8A7FF0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A7FF6000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A803A000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A8048000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A8097000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3012219092.00007FF8A809A000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3012386348.00007FF8A809C000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a7ff0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: Arg_$ArgumentCheckDigitErr_FromLongLong_PositionalStringUnicode_
                                                                                                                                                                                                                                                                                                            • String ID: a unicode character$argument 1$digit$not a digit
                                                                                                                                                                                                                                                                                                            • API String ID: 4245020737-4278345224
                                                                                                                                                                                                                                                                                                            • Opcode ID: e13b3df58773a98c1103435cac1204b160a8dd3e0be1e2068f723629e12376dc
                                                                                                                                                                                                                                                                                                            • Instruction ID: 8e593a15e8bae58244bfd6408a6f756b16c0f88f0183ef586e9e510d1aaa13d6
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e13b3df58773a98c1103435cac1204b160a8dd3e0be1e2068f723629e12376dc
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F6213B31B0AA43A1EA60CF65D85467D2360FB84BC4F048035DA4D877A5DFBDE655E300
                                                                                                                                                                                                                                                                                                            Function 00007FF8A8DFB0C0 Relevance: 15.3, APIs: 2, Strings: 8, Instructions: 330COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3019302556.00007FF8A8DC1000.00000020.00000001.01000000.00000015.sdmp, Offset: 00007FF8A8DC0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019234443.00007FF8A8DC0000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019473856.00007FF8A8EF4000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019556538.00007FF8A8F23000.00000004.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019627658.00007FF8A8F28000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a8dc0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: memcpy
                                                                                                                                                                                                                                                                                                            • String ID: %!.15g$%02x$%lld$'%.*q'$-- $?$NULL$zeroblob(%d)
                                                                                                                                                                                                                                                                                                            • API String ID: 3510742995-875588658
                                                                                                                                                                                                                                                                                                            • Opcode ID: 2bfb9ccf3173b77561383d7de2f52337ffb411a677cb446999baa6b05baa6e80
                                                                                                                                                                                                                                                                                                            • Instruction ID: 00d85973bec96f9992f0a3cced777a3b615f94cab48bab90a7ff131261efbed1
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 2bfb9ccf3173b77561383d7de2f52337ffb411a677cb446999baa6b05baa6e80
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F4E18E72F0A552AAFB20CB64D4507BC27A1EB047C8F444035DE2E67A95DFBCA949D328
                                                                                                                                                                                                                                                                                                            Function 00007FF8A7FF2940 Relevance: 15.2, APIs: 10, Instructions: 227COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011756386.00007FF8A7FF1000.00000020.00000001.01000000.00000018.sdmp, Offset: 00007FF8A7FF0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011682189.00007FF8A7FF0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A7FF6000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A803A000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A8048000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A8097000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3012219092.00007FF8A809A000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3012386348.00007FF8A809C000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a7ff0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: Initialize__scrt_acquire_startup_lock__scrt_dllmain_after_initialize_c__scrt_dllmain_crt_thread_attach__scrt_release_startup_lock
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 190073905-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: 70d49f94bf07e0e16836489e003d3218299badc9548ca84428ba8617642733d4
                                                                                                                                                                                                                                                                                                            • Instruction ID: 730bfd4f855caf41ab1a301a33ac3b4a832bdb0c7cd5af28d9cf79583123fb50
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 70d49f94bf07e0e16836489e003d3218299badc9548ca84428ba8617642733d4
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: B381BD20E0F643A6FA649F7598812BD2690EF857D0F548039DE4C473A6DFBCEB45A708
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C36290 Relevance: 14.5, APIs: 3, Strings: 5, Instructions: 494COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                                                                                                                            • String ID: -$:$f$p$p
                                                                                                                                                                                                                                                                                                            • API String ID: 3215553584-2013873522
                                                                                                                                                                                                                                                                                                            • Opcode ID: 75ce3dd5e90789a751ac91fed3db50e3550f512a2f4dec46f6fb30c565ad9a60
                                                                                                                                                                                                                                                                                                            • Instruction ID: 8c6302fd88bd23905d983e419cc08e7f0fe72a3e55a3b53d9c4dffcd09e3868a
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 75ce3dd5e90789a751ac91fed3db50e3550f512a2f4dec46f6fb30c565ad9a60
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: C512A161E2A24386FB68BA14D1142F9F6A1FF40754FC6C935E689077E4DB3CF5808B26
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C30FC8 Relevance: 14.5, APIs: 3, Strings: 5, Instructions: 475COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                                                                                                                            • String ID: f$f$p$p$f
                                                                                                                                                                                                                                                                                                            • API String ID: 3215553584-1325933183
                                                                                                                                                                                                                                                                                                            • Opcode ID: efdc55b57c7b5823aa39a5abe82f144bbffe385c3037011f7a836833ec2ff017
                                                                                                                                                                                                                                                                                                            • Instruction ID: 7417040f52e99c832d94c14530a464163d2df6a16f760ce2c1da151029dd0ced
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: efdc55b57c7b5823aa39a5abe82f144bbffe385c3037011f7a836833ec2ff017
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 89127662E2E14389FB687A15D0546F9F6A1FF80750FC64835EA99477E4DB3CF4808B22
                                                                                                                                                                                                                                                                                                            Function 00007FF8A8DD0A30 Relevance: 14.1, APIs: 1, Strings: 7, Instructions: 135COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3019302556.00007FF8A8DC1000.00000020.00000001.01000000.00000015.sdmp, Offset: 00007FF8A8DC0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019234443.00007FF8A8DC0000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019473856.00007FF8A8EF4000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019556538.00007FF8A8F23000.00000004.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019627658.00007FF8A8F28000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a8dc0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: new[]
                                                                                                                                                                                                                                                                                                            • String ID: %s%c%s$:$:$?$\$winFullPathname1$winFullPathname2
                                                                                                                                                                                                                                                                                                            • API String ID: 4059295235-3840279414
                                                                                                                                                                                                                                                                                                            • Opcode ID: 7514e8fd5d93be79fc71e0024bcf4f49aeb845a9e117b097cb897556365a7ddf
                                                                                                                                                                                                                                                                                                            • Instruction ID: beb1e870e2358e24f1dc88f5372b3dbff425423b3401bbecb92044fe6e947d5c
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 7514e8fd5d93be79fc71e0024bcf4f49aeb845a9e117b097cb897556365a7ddf
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 1251F861E0F283A5FB159B32640167A6B91EF84BC8F484036DE5D07686DF3CE84D8B68
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C21050 Relevance: 14.1, APIs: 1, Strings: 7, Instructions: 119COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: CurrentProcess
                                                                                                                                                                                                                                                                                                            • String ID: Failed to extract %s: failed to allocate data buffer (%u bytes)!$Failed to extract %s: failed to open archive file!$Failed to extract %s: failed to read data chunk!$Failed to extract %s: failed to seek to the entry's data!$fread$fseek$malloc
                                                                                                                                                                                                                                                                                                            • API String ID: 2050909247-3659356012
                                                                                                                                                                                                                                                                                                            • Opcode ID: 4b5b6e3fcef3044075732b7736491b2407c08096ec4bb89f35b93de1ee291999
                                                                                                                                                                                                                                                                                                            • Instruction ID: 11f39a614596cddb1dd8908a4716a34e2da60afb1825a0d97783a0ebf792c0f2
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 4b5b6e3fcef3044075732b7736491b2407c08096ec4bb89f35b93de1ee291999
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: D341A421B1A65382EA04FB6198046F9E395BF58BC4FC64C32EE4C07BA6DE3CF5418760
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C28660 Relevance: 14.1, APIs: 3, Strings: 5, Instructions: 116COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            • GetTempPathW.KERNEL32(?,?,00000000,00007FF7A0C23CBB), ref: 00007FF7A0C28704
                                                                                                                                                                                                                                                                                                            • GetCurrentProcessId.KERNEL32(?,00000000,00007FF7A0C23CBB), ref: 00007FF7A0C2870A
                                                                                                                                                                                                                                                                                                            • CreateDirectoryW.KERNEL32(?,00000000,00007FF7A0C23CBB), ref: 00007FF7A0C2874C
                                                                                                                                                                                                                                                                                                              • Part of subcall function 00007FF7A0C28830: GetEnvironmentVariableW.KERNEL32(00007FF7A0C2388E), ref: 00007FF7A0C28867
                                                                                                                                                                                                                                                                                                              • Part of subcall function 00007FF7A0C28830: ExpandEnvironmentStringsW.KERNEL32 ref: 00007FF7A0C28889
                                                                                                                                                                                                                                                                                                              • Part of subcall function 00007FF7A0C38238: _invalid_parameter_noinfo.LIBCMT ref: 00007FF7A0C38251
                                                                                                                                                                                                                                                                                                              • Part of subcall function 00007FF7A0C22810: MessageBoxW.USER32 ref: 00007FF7A0C228EA
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: Environment$CreateCurrentDirectoryExpandMessagePathProcessStringsTempVariable_invalid_parameter_noinfo
                                                                                                                                                                                                                                                                                                            • String ID: LOADER: failed to set the TMP environment variable.$LOADER: length of teporary directory path exceeds maximum path length!$TMP$TMP$_MEI%d
                                                                                                                                                                                                                                                                                                            • API String ID: 3563477958-1339014028
                                                                                                                                                                                                                                                                                                            • Opcode ID: e09d7b167afd2147c660aa35db8091a51c6906773476d98e2344c67e24741bda
                                                                                                                                                                                                                                                                                                            • Instruction ID: 45e5049baa631718db5db0842631180830e2cbf601478ed0c2cb979b9133b199
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e09d7b167afd2147c660aa35db8091a51c6906773476d98e2344c67e24741bda
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 58419111A2B64345FA14FB75A8552FAD291AF887C0FC64831ED0D47BFADE3CF6058260
                                                                                                                                                                                                                                                                                                            Function 00007FF8A8E02B90 Relevance: 14.0, APIs: 1, Strings: 8, Instructions: 489COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3019302556.00007FF8A8DC1000.00000020.00000001.01000000.00000015.sdmp, Offset: 00007FF8A8DC0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019234443.00007FF8A8DC0000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019473856.00007FF8A8EF4000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019556538.00007FF8A8F23000.00000004.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019627658.00007FF8A8F28000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a8dc0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: memset
                                                                                                                                                                                                                                                                                                            • String ID: cannot open %s column for writing$cannot open table without rowid: %s$cannot open view: %s$cannot open virtual table: %s$foreign key$indexed$no such column: "%s"$out of memory
                                                                                                                                                                                                                                                                                                            • API String ID: 2221118986-554953066
                                                                                                                                                                                                                                                                                                            • Opcode ID: 3ba867be095ba71c1c2ba65221783a738c1764b63422ef77ae24a6b5b3ee3988
                                                                                                                                                                                                                                                                                                            • Instruction ID: 70ee4c26e3517a91f71329ab3a315f47055ee5ac87b6e0a05ab633a3b80c6ae5
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 3ba867be095ba71c1c2ba65221783a738c1764b63422ef77ae24a6b5b3ee3988
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4632B972A0AB81E6EB65CF25D4406A937B4FB48BC8F404536DA8D43799DF3CE9A0C714
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C2EA08 Relevance: 12.6, APIs: 4, Strings: 3, Instructions: 310COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: BlockFrameHandler3::Unwind$CatchExecutionHandlerIs_bad_exception_allowedSearchStatestd::bad_alloc::bad_alloc
                                                                                                                                                                                                                                                                                                            • String ID: csm$csm$csm
                                                                                                                                                                                                                                                                                                            • API String ID: 849930591-393685449
                                                                                                                                                                                                                                                                                                            • Opcode ID: aab7c7e636ea8a2572919ef13f94062ff4905efd63cd4babadd9079b892b9703
                                                                                                                                                                                                                                                                                                            • Instruction ID: c1680db7775c85e2af6a79a56159d3cc14831bb67bd1e8afaf7ffe01dabe64ec
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: aab7c7e636ea8a2572919ef13f94062ff4905efd63cd4babadd9079b892b9703
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 48D17D32A0974286EB20BB7594503EDB7A4FF59788F920935DA4D67BA5CF38F091C710
                                                                                                                                                                                                                                                                                                            Function 00007FF8A8DC7641 Relevance: 12.4, APIs: 1, Strings: 7, Instructions: 429COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3019302556.00007FF8A8DC1000.00000020.00000001.01000000.00000015.sdmp, Offset: 00007FF8A8DC0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019234443.00007FF8A8DC0000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019473856.00007FF8A8EF4000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019556538.00007FF8A8F23000.00000004.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019627658.00007FF8A8F28000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a8dc0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: memset
                                                                                                                                                                                                                                                                                                            • String ID: -$-Inf$0123456789ABCDEF0123456789abcdef$NaN$VUUU$gfff$null
                                                                                                                                                                                                                                                                                                            • API String ID: 2221118986-3207396689
                                                                                                                                                                                                                                                                                                            • Opcode ID: a6543f7ca9491b1445e2ecc135164382400244e23f1aff95d1367d86266735c3
                                                                                                                                                                                                                                                                                                            • Instruction ID: d665575b27556cd04130be06cbde00a43cd9f922f4ad7a4726ac9bf0181f8ab3
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: a6543f7ca9491b1445e2ecc135164382400244e23f1aff95d1367d86266735c3
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 270234A2A0E28295EB658A3D914077E6BF1EF557C4F090135DBAE477C2CF2CE849C724
                                                                                                                                                                                                                                                                                                            Function 00007FF8A8E22070 Relevance: 12.4, APIs: 1, Strings: 7, Instructions: 414COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3019302556.00007FF8A8DC1000.00000020.00000001.01000000.00000015.sdmp, Offset: 00007FF8A8DC0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019234443.00007FF8A8DC0000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019473856.00007FF8A8EF4000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019556538.00007FF8A8F23000.00000004.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019627658.00007FF8A8F28000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a8dc0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: memcpy
                                                                                                                                                                                                                                                                                                            • String ID: %s %T already exists$sqlite_master$sqlite_temp_master$table$temporary table name must be unqualified$there is already an index named %s$view
                                                                                                                                                                                                                                                                                                            • API String ID: 3510742995-2846519077
                                                                                                                                                                                                                                                                                                            • Opcode ID: f9b62292e15983dd92f3d336a42f126a0ce1eb18eb7dc8c6fabe0fe700413ad5
                                                                                                                                                                                                                                                                                                            • Instruction ID: 32b8a8b304c7cbaebef1673f94f9f58ff125599a199a73fe4dd5ba4dd768848f
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: f9b62292e15983dd92f3d336a42f126a0ce1eb18eb7dc8c6fabe0fe700413ad5
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: FA02DF72A0A782E6EB24DF2194007A977A1FB84BC4F408235DE9D07795EF3CE565C728
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C22C50 Relevance: 12.4, APIs: 3, Strings: 4, Instructions: 104windowCOMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            • GetCurrentProcessId.KERNEL32(?,?,?,?,?,?,?,?,00007FF7A0C23706,?,00007FF7A0C23804), ref: 00007FF7A0C22C9E
                                                                                                                                                                                                                                                                                                            • FormatMessageW.KERNEL32(?,?,?,?,?,?,?,?,00007FF7A0C23706,?,00007FF7A0C23804), ref: 00007FF7A0C22D63
                                                                                                                                                                                                                                                                                                            • MessageBoxW.USER32 ref: 00007FF7A0C22D99
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: Message$CurrentFormatProcess
                                                                                                                                                                                                                                                                                                            • String ID: %ls: $<FormatMessageW failed.>$Error$[PYI-%d:ERROR]
                                                                                                                                                                                                                                                                                                            • API String ID: 3940978338-251083826
                                                                                                                                                                                                                                                                                                            • Opcode ID: c67c27f58c2af476bbbd059d0433c12e6f67668a4e3ecf6e42cf1bc8669f0b6b
                                                                                                                                                                                                                                                                                                            • Instruction ID: 73effb7c907028e18814893b7b8cbb4b0b932d76e1b9f3381eece6d0edea6088
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: c67c27f58c2af476bbbd059d0433c12e6f67668a4e3ecf6e42cf1bc8669f0b6b
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 0B31DA32709A4252E720BB25B8542EBA691BF887D8F820535EF4D53B69EF3CF546C310
                                                                                                                                                                                                                                                                                                            Function 00007FF8A7FF2080 Relevance: 12.3, APIs: 5, Strings: 2, Instructions: 84COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            • PyErr_SetString.PYTHON313(?,?,?,00007FF8A7FF206C), ref: 00007FF8A7FF4027
                                                                                                                                                                                                                                                                                                              • Part of subcall function 00007FF8A7FF21E0: strncmp.API-MS-WIN-CRT-STRING-L1-1-0(?,?,?,?,?,?,?,00007FF8A7FF20AF,?,?,?,00007FF8A7FF206C), ref: 00007FF8A7FF220A
                                                                                                                                                                                                                                                                                                              • Part of subcall function 00007FF8A7FF21E0: strncmp.API-MS-WIN-CRT-STRING-L1-1-0(?,?,?,?,?,?,?,00007FF8A7FF20AF,?,?,?,00007FF8A7FF206C), ref: 00007FF8A7FF2228
                                                                                                                                                                                                                                                                                                            • PyUnicode_FromOrdinal.PYTHON313(?,?,?,00007FF8A7FF206C), ref: 00007FF8A7FF20F5
                                                                                                                                                                                                                                                                                                            • PyErr_Format.PYTHON313(?,?,?,00007FF8A7FF206C), ref: 00007FF8A7FF211F
                                                                                                                                                                                                                                                                                                            • PyType_IsSubtype.PYTHON313(?,?,?,00007FF8A7FF206C), ref: 00007FF8A7FF4034
                                                                                                                                                                                                                                                                                                            • PyErr_Format.PYTHON313(?,?,?,00007FF8A7FF206C), ref: 00007FF8A7FF407B
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011756386.00007FF8A7FF1000.00000020.00000001.01000000.00000018.sdmp, Offset: 00007FF8A7FF0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011682189.00007FF8A7FF0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A7FF6000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A803A000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A8048000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A8097000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3012219092.00007FF8A809A000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3012386348.00007FF8A809C000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a7ff0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: Err_$Formatstrncmp$FromOrdinalStringSubtypeType_Unicode_
                                                                                                                                                                                                                                                                                                            • String ID: name too long$undefined character name '%s'
                                                                                                                                                                                                                                                                                                            • API String ID: 3272042218-4056717002
                                                                                                                                                                                                                                                                                                            • Opcode ID: 83118eea44466def5e50fa6e7ca29993ae3008b325df9b62d7704b142f7f47bc
                                                                                                                                                                                                                                                                                                            • Instruction ID: 8e2d0543623d019ede0a01254d6e1ca948ba561404bed2c81f65b642b6283874
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 83118eea44466def5e50fa6e7ca29993ae3008b325df9b62d7704b142f7f47bc
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F2419232A1AA42A1EB50CF25EC9027D6361FB48BC4F844032DB4E93755DFACEB46E704
                                                                                                                                                                                                                                                                                                            Function 00007FF8A8E18C10 Relevance: 12.3, APIs: 6, Strings: 2, Instructions: 299COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3019302556.00007FF8A8DC1000.00000020.00000001.01000000.00000015.sdmp, Offset: 00007FF8A8DC0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019234443.00007FF8A8DC0000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019473856.00007FF8A8EF4000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019556538.00007FF8A8F23000.00000004.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019627658.00007FF8A8F28000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a8dc0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: memcpy$memset$memmove
                                                                                                                                                                                                                                                                                                            • String ID: "%w" $%Q%s
                                                                                                                                                                                                                                                                                                            • API String ID: 3094553269-1987291987
                                                                                                                                                                                                                                                                                                            • Opcode ID: 34a9d1aa4306ee22d8a3cfd2026059865f442fa91a21e4c33ae88d147b4b4a38
                                                                                                                                                                                                                                                                                                            • Instruction ID: cfc4673a681f7d98b2f8fc01989470848f9778d35e40366cfceafdfa5710e904
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 34a9d1aa4306ee22d8a3cfd2026059865f442fa91a21e4c33ae88d147b4b4a38
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 0EC1E371A0ABD2E6EA54CF25A440279A7A1FB65BE0F044235DE6E077E4DF3CE464C324
                                                                                                                                                                                                                                                                                                            Function 00007FF8A8DE1040 Relevance: 12.3, APIs: 5, Strings: 3, Instructions: 253COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3019302556.00007FF8A8DC1000.00000020.00000001.01000000.00000015.sdmp, Offset: 00007FF8A8DC0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019234443.00007FF8A8DC0000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019473856.00007FF8A8EF4000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019556538.00007FF8A8F23000.00000004.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019627658.00007FF8A8F28000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a8dc0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: memcpy
                                                                                                                                                                                                                                                                                                            • String ID: %s at line %d of [%.10s]$8653b758870e6ef0c98d46b3ace27849054af85da891eb121e9aaa537f1e8355$database corruption
                                                                                                                                                                                                                                                                                                            • API String ID: 3510742995-3727861699
                                                                                                                                                                                                                                                                                                            • Opcode ID: d19dcd5255650cfdfefce16a649fffea8f53c40fce7bdf3c810c1306d021ea72
                                                                                                                                                                                                                                                                                                            • Instruction ID: 7833e4a9bc9356fad970c075542b19bdfb25e1e4f7c8996a4416acc0ba80962e
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d19dcd5255650cfdfefce16a649fffea8f53c40fce7bdf3c810c1306d021ea72
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 29A1E472B0E2D196DB248B1994806BE7B92FB807C2F444239DBDA83785EF3CD559C724
                                                                                                                                                                                                                                                                                                            Function 00007FF8A8DD2CE0 Relevance: 10.8, APIs: 1, Strings: 6, Instructions: 339COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3019302556.00007FF8A8DC1000.00000020.00000001.01000000.00000015.sdmp, Offset: 00007FF8A8DC0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019234443.00007FF8A8DC0000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019473856.00007FF8A8EF4000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019556538.00007FF8A8F23000.00000004.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019627658.00007FF8A8F28000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a8dc0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: memcpy
                                                                                                                                                                                                                                                                                                            • String ID: %s at line %d of [%.10s]$8653b758870e6ef0c98d46b3ace27849054af85da891eb121e9aaa537f1e8355$API called with NULL prepared statement$API called with finalized prepared statement$ATTACH x AS %Q$misuse
                                                                                                                                                                                                                                                                                                            • API String ID: 3510742995-1404302391
                                                                                                                                                                                                                                                                                                            • Opcode ID: eb7f66f7f92765d4610dffe480c9ec87837686a0c0c13341904ab352ee42dff0
                                                                                                                                                                                                                                                                                                            • Instruction ID: daa7afb832073a18dc3e8bf2cd60b73d2d5fc1308c01f475d33c7346d6d929eb
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: eb7f66f7f92765d4610dffe480c9ec87837686a0c0c13341904ab352ee42dff0
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: D3F17C71A0FA42A1EBA89F65A84437937A4FF80BC0F444135CE6D477A5EF3CE4498768
                                                                                                                                                                                                                                                                                                            Function 00007FF8A7FF17A0 Relevance: 10.6, APIs: 3, Strings: 3, Instructions: 122COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011756386.00007FF8A7FF1000.00000020.00000001.01000000.00000018.sdmp, Offset: 00007FF8A7FF0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011682189.00007FF8A7FF0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A7FF6000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A803A000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A8048000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A8097000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3012219092.00007FF8A809A000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3012386348.00007FF8A809C000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a7ff0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: Arg_ArgumentFromStringSubtypeType_Unicode_
                                                                                                                                                                                                                                                                                                            • String ID: a unicode character$argument$category
                                                                                                                                                                                                                                                                                                            • API String ID: 1318908108-2068800536
                                                                                                                                                                                                                                                                                                            • Opcode ID: 819d02cb5a53b99fb765d21f9d19cde95ec2cc2e6cea83f9e4c806781089034f
                                                                                                                                                                                                                                                                                                            • Instruction ID: efd14df86d237edcd77bcc3a08df7ef5620bdc868a52e38b6913aaf6e01c3759
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 819d02cb5a53b99fb765d21f9d19cde95ec2cc2e6cea83f9e4c806781089034f
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4051C662F1AA4292EF688F29D5603BC23A1FB44BD4F444035DA4E57794DFBCEA95E300
                                                                                                                                                                                                                                                                                                            Function 00007FF8A7FF1000 Relevance: 10.6, APIs: 3, Strings: 3, Instructions: 93COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011756386.00007FF8A7FF1000.00000020.00000001.01000000.00000018.sdmp, Offset: 00007FF8A7FF0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011682189.00007FF8A7FF0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A7FF6000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A803A000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A8048000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A8097000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3012219092.00007FF8A809A000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3012386348.00007FF8A809C000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a7ff0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: Arg_ArgumentFromStringSubtypeType_Unicode_
                                                                                                                                                                                                                                                                                                            • String ID: a unicode character$argument$bidirectional
                                                                                                                                                                                                                                                                                                            • API String ID: 1318908108-2110215792
                                                                                                                                                                                                                                                                                                            • Opcode ID: 20e64b3dea6743d8d76ee490ceeb3f1ff441adf4638d8619ffabdd99ac876f95
                                                                                                                                                                                                                                                                                                            • Instruction ID: ac400d664c12651cc79427caa37e6bb4551ca8282696c64ed7fa7338d1e3c24a
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 20e64b3dea6743d8d76ee490ceeb3f1ff441adf4638d8619ffabdd99ac876f95
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 1C319162B1EA82A1FF688F2184113BD2361EF90BD0F645035DA4F47690CF6DEA94E340
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C2DCC8 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 88libraryloaderCOMMONLIBRARYCODE
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            • LoadLibraryExW.KERNEL32(?,?,?,00007FF7A0C2DF7A,?,?,?,00007FF7A0C2DC6C,?,?,?,00007FF7A0C2D869), ref: 00007FF7A0C2DD4D
                                                                                                                                                                                                                                                                                                            • GetLastError.KERNEL32(?,?,?,00007FF7A0C2DF7A,?,?,?,00007FF7A0C2DC6C,?,?,?,00007FF7A0C2D869), ref: 00007FF7A0C2DD5B
                                                                                                                                                                                                                                                                                                            • LoadLibraryExW.KERNEL32(?,?,?,00007FF7A0C2DF7A,?,?,?,00007FF7A0C2DC6C,?,?,?,00007FF7A0C2D869), ref: 00007FF7A0C2DD85
                                                                                                                                                                                                                                                                                                            • FreeLibrary.KERNEL32(?,?,?,00007FF7A0C2DF7A,?,?,?,00007FF7A0C2DC6C,?,?,?,00007FF7A0C2D869), ref: 00007FF7A0C2DDF3
                                                                                                                                                                                                                                                                                                            • GetProcAddress.KERNEL32(?,?,?,00007FF7A0C2DF7A,?,?,?,00007FF7A0C2DC6C,?,?,?,00007FF7A0C2D869), ref: 00007FF7A0C2DDFF
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: Library$Load$AddressErrorFreeLastProc
                                                                                                                                                                                                                                                                                                            • String ID: api-ms-
                                                                                                                                                                                                                                                                                                            • API String ID: 2559590344-2084034818
                                                                                                                                                                                                                                                                                                            • Opcode ID: 276526191d17588ee9fa22b972cdf0953455baf5c8a53fb276b347519b5968a9
                                                                                                                                                                                                                                                                                                            • Instruction ID: 89418a843fe448942d7d1619bdc09b69110d544a68418c44912d96aef2a7512d
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 276526191d17588ee9fa22b972cdf0953455baf5c8a53fb276b347519b5968a9
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F1319021B1BB4391EE11BB26A4006F5A394FF5CBA4F9A4935ED1D07BA5EE3CF4448230
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C22A50 Relevance: 10.6, APIs: 1, Strings: 5, Instructions: 64COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            • GetCurrentProcessId.KERNEL32(00000000,?,?,?,00000000,00007FF7A0C2351A,?,00000000,00007FF7A0C23F23), ref: 00007FF7A0C22AA0
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: CurrentProcess
                                                                                                                                                                                                                                                                                                            • String ID: 0$WARNING$Warning$Warning [ANSI Fallback]$[PYI-%d:%s]
                                                                                                                                                                                                                                                                                                            • API String ID: 2050909247-2900015858
                                                                                                                                                                                                                                                                                                            • Opcode ID: d3ff72078d09a899d0ca032b5bdbc8691629937d026b54217f09319e947088a3
                                                                                                                                                                                                                                                                                                            • Instruction ID: c1ebeb659a4b0b7483fd2b871d10cbf38baea1d0e69106e5f24213acc1b5f6e7
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d3ff72078d09a899d0ca032b5bdbc8691629937d026b54217f09319e947088a3
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 3A218332A1A78292E720AB61F4857E6B394FF887C4F810535FE8C43B69DF7CE1458650
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C28570 Relevance: 10.6, APIs: 7, Instructions: 63COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: Token$InformationProcess$CloseConvertCurrentErrorHandleLastOpenString
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 995526605-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: fa90e23b90d603ff8a1fc3170628a297920662056bab6e12f28c88f429b12389
                                                                                                                                                                                                                                                                                                            • Instruction ID: f2ca4cf7980fbe5d4c6e90d2d0100ff4cc0e40207159579696ae70b3b4d60262
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: fa90e23b90d603ff8a1fc3170628a297920662056bab6e12f28c88f429b12389
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 20219321A0E64342EB10BB65B4442BAE3A1FFC57A0F950635EA6C43BF5DE7CF5498710
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C3B150 Relevance: 10.6, APIs: 7, Instructions: 62COMMONLIBRARYCODE
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: Value$ErrorLast
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 2506987500-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: bd40692f84e3da01acd5c9e715af8932c2ff4b5b564443a413d720313231dc09
                                                                                                                                                                                                                                                                                                            • Instruction ID: ffd737f332fffa560d4cac39eca2d73ee6dc05053d86c6affc1cc110dc23a480
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: bd40692f84e3da01acd5c9e715af8932c2ff4b5b564443a413d720313231dc09
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 85214F24A2E64341F96C732596651FEE2429F44BB0F864F34DA3E467F7DD2CB4114722
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C47D6C Relevance: 10.5, APIs: 5, Strings: 1, Instructions: 48fileCOMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: ConsoleWrite$CloseCreateErrorFileHandleLast
                                                                                                                                                                                                                                                                                                            • String ID: CONOUT$
                                                                                                                                                                                                                                                                                                            • API String ID: 3230265001-3130406586
                                                                                                                                                                                                                                                                                                            • Opcode ID: 3755c2f75cb97972cd4ab37a7e27d28fd0bf6f95a56d27d10542fc75f089f0eb
                                                                                                                                                                                                                                                                                                            • Instruction ID: d8531717522e5691214876a22e10b7778bd4622ca2c4477775b6f0bfcf677030
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 3755c2f75cb97972cd4ab37a7e27d28fd0bf6f95a56d27d10542fc75f089f0eb
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: A511D621B19A4286E750AB16F858379A3A1FF88BE4F410B34D95D877B4CF7DF4048710
                                                                                                                                                                                                                                                                                                            Function 00007FF8A7FF1160 Relevance: 10.5, APIs: 2, Strings: 4, Instructions: 40COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            • _PyArg_CheckPositional.PYTHON313 ref: 00007FF8A7FF3901
                                                                                                                                                                                                                                                                                                            • _PyArg_BadArgument.PYTHON313 ref: 00007FF8A7FF3934
                                                                                                                                                                                                                                                                                                              • Part of subcall function 00007FF8A7FF11C0: PyUnicode_CompareWithASCIIString.PYTHON313 ref: 00007FF8A7FF11F2
                                                                                                                                                                                                                                                                                                              • Part of subcall function 00007FF8A7FF11C0: PyUnicode_CompareWithASCIIString.PYTHON313 ref: 00007FF8A7FF120A
                                                                                                                                                                                                                                                                                                              • Part of subcall function 00007FF8A7FF11C0: PyType_IsSubtype.PYTHON313 ref: 00007FF8A7FF122D
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011756386.00007FF8A7FF1000.00000020.00000001.01000000.00000018.sdmp, Offset: 00007FF8A7FF0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011682189.00007FF8A7FF0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A7FF6000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A803A000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A8048000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A8097000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3012219092.00007FF8A809A000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3012386348.00007FF8A809C000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a7ff0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: Arg_CompareStringUnicode_With$ArgumentCheckPositionalSubtypeType_
                                                                                                                                                                                                                                                                                                            • String ID: argument 1$argument 2$normalize$str
                                                                                                                                                                                                                                                                                                            • API String ID: 4101545800-1320425463
                                                                                                                                                                                                                                                                                                            • Opcode ID: 85e1f99dde411cb278f0b98270a6e8254a8096954b810f161da5d99ca4afd163
                                                                                                                                                                                                                                                                                                            • Instruction ID: b5cd7f5b48e3b9ed20268032e6d8cab3eb97712312d987dfb90119619bb9fe56
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 85e1f99dde411cb278f0b98270a6e8254a8096954b810f161da5d99ca4afd163
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 00116161B0AA86A0EB648F22E8406BD2365EF04FC4F588036DD0D177A4DFBCD694E700
                                                                                                                                                                                                                                                                                                            Function 00007FF8A7FF4AF4 Relevance: 10.5, APIs: 2, Strings: 4, Instructions: 39COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011756386.00007FF8A7FF1000.00000020.00000001.01000000.00000018.sdmp, Offset: 00007FF8A7FF0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011682189.00007FF8A7FF0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A7FF6000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A803A000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A8048000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A8097000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3012219092.00007FF8A809A000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3012386348.00007FF8A809C000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a7ff0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: Arg_$ArgumentCheckPositional
                                                                                                                                                                                                                                                                                                            • String ID: argument 1$argument 2$is_normalized$str
                                                                                                                                                                                                                                                                                                            • API String ID: 3876575403-184702317
                                                                                                                                                                                                                                                                                                            • Opcode ID: 35f64efe301dec1c03658f0adf9c06da03441c8ba11caf4cd01179e65ab3153d
                                                                                                                                                                                                                                                                                                            • Instruction ID: 14c58fdc8e0355a67c52420f58a146ac801f52d0d9ae00e04d15078ef255b21e
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 35f64efe301dec1c03658f0adf9c06da03441c8ba11caf4cd01179e65ab3153d
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: BB019261B09A86A4EF508F66E8817BD6361EF04FD4F44C035DA1D07266DFBCD685E740
                                                                                                                                                                                                                                                                                                            Function 00007FF8A8E26680 Relevance: 9.3, APIs: 3, Strings: 3, Instructions: 338COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            • foreign key on %s should reference only one column of table %T, xrefs: 00007FF8A8E26705
                                                                                                                                                                                                                                                                                                            • unknown column "%s" in foreign key definition, xrefs: 00007FF8A8E26A2E
                                                                                                                                                                                                                                                                                                            • number of columns in foreign key does not match the number of columns in the referenced table, xrefs: 00007FF8A8E2672E
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3019302556.00007FF8A8DC1000.00000020.00000001.01000000.00000015.sdmp, Offset: 00007FF8A8DC0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019234443.00007FF8A8DC0000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019473856.00007FF8A8EF4000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019556538.00007FF8A8F23000.00000004.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019627658.00007FF8A8F28000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a8dc0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: memcpy$memset
                                                                                                                                                                                                                                                                                                            • String ID: foreign key on %s should reference only one column of table %T$number of columns in foreign key does not match the number of columns in the referenced table$unknown column "%s" in foreign key definition
                                                                                                                                                                                                                                                                                                            • API String ID: 438689982-272990098
                                                                                                                                                                                                                                                                                                            • Opcode ID: ccd277bf9b92b8e3d07852b4a3834606872994afd4a61e22383483de8b35dad8
                                                                                                                                                                                                                                                                                                            • Instruction ID: e95cbb8e1092fbe17f64b9e573157b704f9881e1d853ef1c4bb880febc556dd4
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ccd277bf9b92b8e3d07852b4a3834606872994afd4a61e22383483de8b35dad8
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 0CD1DFB2A0A781E2EF64CB15A0446B97BA1FB65BC4F444231DE5D077A5EF3CE461C318
                                                                                                                                                                                                                                                                                                            Function 00007FF8A8DE55D0 Relevance: 9.3, APIs: 3, Strings: 3, Instructions: 314COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3019302556.00007FF8A8DC1000.00000020.00000001.01000000.00000015.sdmp, Offset: 00007FF8A8DC0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019234443.00007FF8A8DC0000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019473856.00007FF8A8EF4000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019556538.00007FF8A8F23000.00000004.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019627658.00007FF8A8F28000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a8dc0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: memcpy$memset
                                                                                                                                                                                                                                                                                                            • String ID: %s at line %d of [%.10s]$8653b758870e6ef0c98d46b3ace27849054af85da891eb121e9aaa537f1e8355$database corruption
                                                                                                                                                                                                                                                                                                            • API String ID: 438689982-3727861699
                                                                                                                                                                                                                                                                                                            • Opcode ID: 5dc20ad9749f576e2bdd85d432535949bff597f47a50de2b10b80a5b4d618dbe
                                                                                                                                                                                                                                                                                                            • Instruction ID: 7d3cd51d09bc6e06c75fdb61517643ea056aa8b2303c0eb35dc5c3eebaaa9f44
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 5dc20ad9749f576e2bdd85d432535949bff597f47a50de2b10b80a5b4d618dbe
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 15D1CD72A0A68597DB60CF29E4807A9B3A2FB88BC4F554432DE5D47784EF38E848C714
                                                                                                                                                                                                                                                                                                            Function 00007FF8A8DE92C0 Relevance: 9.2, APIs: 3, Strings: 3, Instructions: 217COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3019302556.00007FF8A8DC1000.00000020.00000001.01000000.00000015.sdmp, Offset: 00007FF8A8DC0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019234443.00007FF8A8DC0000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019473856.00007FF8A8EF4000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019556538.00007FF8A8F23000.00000004.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019627658.00007FF8A8F28000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a8dc0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: memmove
                                                                                                                                                                                                                                                                                                            • String ID: %s at line %d of [%.10s]$8653b758870e6ef0c98d46b3ace27849054af85da891eb121e9aaa537f1e8355$database corruption
                                                                                                                                                                                                                                                                                                            • API String ID: 2162964266-3727861699
                                                                                                                                                                                                                                                                                                            • Opcode ID: 0f045e69ece5e58a5605bba3c1eb72ead89470c58f18165752d3b17f3c0f85b3
                                                                                                                                                                                                                                                                                                            • Instruction ID: 0866814881ee58f2e229b76368785ea803da7f0b7bcbe7ada67e00bcd5dcc575
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 0f045e69ece5e58a5605bba3c1eb72ead89470c58f18165752d3b17f3c0f85b3
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: A291D1A2A0A6C6A7C720DB25E4806AEBBA0FB45BC8F444132DE9D43B45EF3CD159C754
                                                                                                                                                                                                                                                                                                            Function 00007FF8A8E17CA0 Relevance: 9.2, APIs: 3, Strings: 3, Instructions: 215COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3019302556.00007FF8A8DC1000.00000020.00000001.01000000.00000015.sdmp, Offset: 00007FF8A8DC0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019234443.00007FF8A8DC0000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019473856.00007FF8A8EF4000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019556538.00007FF8A8F23000.00000004.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019627658.00007FF8A8F28000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a8dc0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: memcpy$memset
                                                                                                                                                                                                                                                                                                            • String ID: Cannot add a column to a view$sqlite_altertab_%s$virtual tables may not be altered
                                                                                                                                                                                                                                                                                                            • API String ID: 438689982-2063813899
                                                                                                                                                                                                                                                                                                            • Opcode ID: 6f3502865f2554c3b22856db225aa2943b439a183bdfd32a53b0fa553fb1f819
                                                                                                                                                                                                                                                                                                            • Instruction ID: 0f489994a4e2680efd55726d591d4801003504d3513e053e42aa7af82627a862
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 6f3502865f2554c3b22856db225aa2943b439a183bdfd32a53b0fa553fb1f819
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: FC91BF72A1AB85D2EB90CF1198002BA77A5FB99FC0F458235DE9D47789EF38E461C314
                                                                                                                                                                                                                                                                                                            Function 00007FF8A8DE8690 Relevance: 9.2, APIs: 3, Strings: 3, Instructions: 212COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3019302556.00007FF8A8DC1000.00000020.00000001.01000000.00000015.sdmp, Offset: 00007FF8A8DC0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019234443.00007FF8A8DC0000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019473856.00007FF8A8EF4000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019556538.00007FF8A8F23000.00000004.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019627658.00007FF8A8F28000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a8dc0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: memcpy$memmove
                                                                                                                                                                                                                                                                                                            • String ID: %s at line %d of [%.10s]$8653b758870e6ef0c98d46b3ace27849054af85da891eb121e9aaa537f1e8355$database corruption
                                                                                                                                                                                                                                                                                                            • API String ID: 1283327689-3727861699
                                                                                                                                                                                                                                                                                                            • Opcode ID: 18ed6f349fa8df90b545674691f7bb4008a36ffe479325eff14730e8886acda7
                                                                                                                                                                                                                                                                                                            • Instruction ID: 81d19219f6b3c28de6e04da0fc36b3f13add45174a40242076e6e6b274eb2935
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 18ed6f349fa8df90b545674691f7bb4008a36ffe479325eff14730e8886acda7
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 0F91D162A092C1A7D714CB26D5802BDB7E0FB40BC4F048136DB9D57685EF3CE869C764
                                                                                                                                                                                                                                                                                                            Function 00007FF8A8DF8F60 Relevance: 9.1, APIs: 1, Strings: 5, Instructions: 139COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            • memcpy.VCRUNTIME140(?,?,-8000000000000000,?,00000000,00007FF8A8E3D0A0), ref: 00007FF8A8DF90FD
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3019302556.00007FF8A8DC1000.00000020.00000001.01000000.00000015.sdmp, Offset: 00007FF8A8DC0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019234443.00007FF8A8DC0000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019473856.00007FF8A8EF4000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019556538.00007FF8A8F23000.00000004.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019627658.00007FF8A8F28000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a8dc0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: memcpy
                                                                                                                                                                                                                                                                                                            • String ID: %s at line %d of [%.10s]$8653b758870e6ef0c98d46b3ace27849054af85da891eb121e9aaa537f1e8355$API called with NULL prepared statement$API called with finalized prepared statement$misuse
                                                                                                                                                                                                                                                                                                            • API String ID: 3510742995-3538577999
                                                                                                                                                                                                                                                                                                            • Opcode ID: 3facb6c6f69657c9aac68e5e72037591cf2385d6111726e0645f2351e47175fe
                                                                                                                                                                                                                                                                                                            • Instruction ID: d6e029dede505ea46fc7b00f40f046b81920818753f4fc7c494a54df605ec92b
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 3facb6c6f69657c9aac68e5e72037591cf2385d6111726e0645f2351e47175fe
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: CD51C121E0F682B5FB54AB2594102B86391EF81BD0F084135DE6E0B3D5DFBDEC5A9328
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C28ED0 Relevance: 9.1, APIs: 6, Instructions: 121COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            • GetCurrentProcess.KERNEL32(?,FFFFFFFF,00000000,00007FF7A0C23FB1), ref: 00007FF7A0C28EFD
                                                                                                                                                                                                                                                                                                            • K32EnumProcessModules.KERNEL32(?,FFFFFFFF,00000000,00007FF7A0C23FB1), ref: 00007FF7A0C28F5A
                                                                                                                                                                                                                                                                                                              • Part of subcall function 00007FF7A0C29390: MultiByteToWideChar.KERNEL32(?,?,?,00007FF7A0C245F4,00000000,00007FF7A0C21985), ref: 00007FF7A0C293C9
                                                                                                                                                                                                                                                                                                            • K32GetModuleFileNameExW.KERNEL32(?,FFFFFFFF,00000000,00007FF7A0C23FB1), ref: 00007FF7A0C28FE5
                                                                                                                                                                                                                                                                                                            • K32GetModuleFileNameExW.KERNEL32(?,FFFFFFFF,00000000,00007FF7A0C23FB1), ref: 00007FF7A0C29044
                                                                                                                                                                                                                                                                                                            • FreeLibrary.KERNEL32(?,FFFFFFFF,00000000,00007FF7A0C23FB1), ref: 00007FF7A0C29055
                                                                                                                                                                                                                                                                                                            • FreeLibrary.KERNEL32(?,FFFFFFFF,00000000,00007FF7A0C23FB1), ref: 00007FF7A0C2906A
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: FileFreeLibraryModuleNameProcess$ByteCharCurrentEnumModulesMultiWide
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 3462794448-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: 51e73ccb600dcf9d750c353d1e93921ada3daf916e275faff0d4d54491eeaa6f
                                                                                                                                                                                                                                                                                                            • Instruction ID: 31fa58a5d9e0736b41c32475f3734a92f5b7443e85d99ac3974414f45ed4ae60
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 51e73ccb600dcf9d750c353d1e93921ada3daf916e275faff0d4d54491eeaa6f
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 0E416461A1A68741EA30BB21A5502FAA394FF8DB84F864535DF4D57BA9DE3CF500C710
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C290E0 Relevance: 9.1, APIs: 2, Strings: 4, Instructions: 64COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                              • Part of subcall function 00007FF7A0C28570: GetCurrentProcess.KERNEL32 ref: 00007FF7A0C28590
                                                                                                                                                                                                                                                                                                              • Part of subcall function 00007FF7A0C28570: OpenProcessToken.ADVAPI32 ref: 00007FF7A0C285A3
                                                                                                                                                                                                                                                                                                              • Part of subcall function 00007FF7A0C28570: GetTokenInformation.ADVAPI32 ref: 00007FF7A0C285C8
                                                                                                                                                                                                                                                                                                              • Part of subcall function 00007FF7A0C28570: GetLastError.KERNEL32 ref: 00007FF7A0C285D2
                                                                                                                                                                                                                                                                                                              • Part of subcall function 00007FF7A0C28570: GetTokenInformation.ADVAPI32 ref: 00007FF7A0C28612
                                                                                                                                                                                                                                                                                                              • Part of subcall function 00007FF7A0C28570: ConvertSidToStringSidW.ADVAPI32 ref: 00007FF7A0C2862E
                                                                                                                                                                                                                                                                                                              • Part of subcall function 00007FF7A0C28570: CloseHandle.KERNEL32 ref: 00007FF7A0C28646
                                                                                                                                                                                                                                                                                                            • LocalFree.KERNEL32(?,00007FF7A0C23C55), ref: 00007FF7A0C2916C
                                                                                                                                                                                                                                                                                                            • LocalFree.KERNEL32(?,00007FF7A0C23C55), ref: 00007FF7A0C29175
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: Token$FreeInformationLocalProcess$CloseConvertCurrentErrorHandleLastOpenString
                                                                                                                                                                                                                                                                                                            • String ID: D:(A;;FA;;;%s)$D:(A;;FA;;;%s)(A;;FA;;;%s)$S-1-3-4$Security descriptor string length exceeds PYI_PATH_MAX!
                                                                                                                                                                                                                                                                                                            • API String ID: 6828938-1529539262
                                                                                                                                                                                                                                                                                                            • Opcode ID: 0222097b9c90264a1a2c87a2a2fde68e1a94831f5278aced0db9eca26447961c
                                                                                                                                                                                                                                                                                                            • Instruction ID: acd28411944d395c3822f093631f67cc8742fc45ba4ad2a0b3386a2d05384daf
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 0222097b9c90264a1a2c87a2a2fde68e1a94831f5278aced0db9eca26447961c
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F3212121A0A64352F614BB21E4153EEA251FF88780FC64835EA4D53BA6DF3DF5458760
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C3B2C8 Relevance: 9.1, APIs: 6, Instructions: 57COMMONLIBRARYCODE
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            • GetLastError.KERNEL32(?,?,?,00007FF7A0C34F11,?,?,?,?,00007FF7A0C3A48A,?,?,?,?,00007FF7A0C3718F), ref: 00007FF7A0C3B2D7
                                                                                                                                                                                                                                                                                                            • FlsSetValue.KERNEL32(?,?,?,00007FF7A0C34F11,?,?,?,?,00007FF7A0C3A48A,?,?,?,?,00007FF7A0C3718F), ref: 00007FF7A0C3B30D
                                                                                                                                                                                                                                                                                                            • FlsSetValue.KERNEL32(?,?,?,00007FF7A0C34F11,?,?,?,?,00007FF7A0C3A48A,?,?,?,?,00007FF7A0C3718F), ref: 00007FF7A0C3B33A
                                                                                                                                                                                                                                                                                                            • FlsSetValue.KERNEL32(?,?,?,00007FF7A0C34F11,?,?,?,?,00007FF7A0C3A48A,?,?,?,?,00007FF7A0C3718F), ref: 00007FF7A0C3B34B
                                                                                                                                                                                                                                                                                                            • FlsSetValue.KERNEL32(?,?,?,00007FF7A0C34F11,?,?,?,?,00007FF7A0C3A48A,?,?,?,?,00007FF7A0C3718F), ref: 00007FF7A0C3B35C
                                                                                                                                                                                                                                                                                                            • SetLastError.KERNEL32(?,?,?,00007FF7A0C34F11,?,?,?,?,00007FF7A0C3A48A,?,?,?,?,00007FF7A0C3718F), ref: 00007FF7A0C3B377
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: Value$ErrorLast
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 2506987500-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: 511c86220214880ca4b01c77dd55d0a7de68e458561f726588d357ec3f22002e
                                                                                                                                                                                                                                                                                                            • Instruction ID: 20d3c0ee7f0fe8be38a3895788d3f7c5111ff353292385818e9218474a35c194
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 511c86220214880ca4b01c77dd55d0a7de68e458561f726588d357ec3f22002e
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 25115E20A2EA5382FA9CB72556511FDE1429F44BB0F864F34D92E477F7DE2CB4114322
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C22910 Relevance: 8.8, APIs: 1, Strings: 4, Instructions: 86COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            • GetCurrentProcessId.KERNEL32(?,?,?,?,00000000,00000000,?,00000000,00007FF7A0C21B6A), ref: 00007FF7A0C2295E
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: CurrentProcess
                                                                                                                                                                                                                                                                                                            • String ID: %s: %s$Error$Error [ANSI Fallback]$[PYI-%d:ERROR]
                                                                                                                                                                                                                                                                                                            • API String ID: 2050909247-2962405886
                                                                                                                                                                                                                                                                                                            • Opcode ID: b3354eec44a94607d33eb4f3788ab89374ba031f66333e1b118589dca889f3f3
                                                                                                                                                                                                                                                                                                            • Instruction ID: 0bb274a527b98a9288e9b108aab3467811184af40c100eaea77d0da477687922
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: b3354eec44a94607d33eb4f3788ab89374ba031f66333e1b118589dca889f3f3
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 9F31EA22B1A68252E710B765A8406E7E295BF887D4F820531FE8D83B69EF7CF546C210
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C22390 Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 81windowCOMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: DeleteDestroyDialogHandleIconIndirectModuleObjectParam
                                                                                                                                                                                                                                                                                                            • String ID: Unhandled exception in script
                                                                                                                                                                                                                                                                                                            • API String ID: 3081866767-2699770090
                                                                                                                                                                                                                                                                                                            • Opcode ID: 1a8653f9ef4157c26f2335c81c204ff7a5d47729ffdf6617f9212c2ec85f79f4
                                                                                                                                                                                                                                                                                                            • Instruction ID: a51ed569a35807d207ce8d5518295ca67ec357ffd56ae854ab3d9e76355803e0
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 1a8653f9ef4157c26f2335c81c204ff7a5d47729ffdf6617f9212c2ec85f79f4
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 0131837261AA8385EB24FF61E8552FAA361FF88784F850535EA4D47B6ADF3CE100C711
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C22B50 Relevance: 8.8, APIs: 2, Strings: 3, Instructions: 65windowCOMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            • GetCurrentProcessId.KERNEL32(?,00000000,00000000,FFFFFFFF,00000000,00007FF7A0C2918F,?,00007FF7A0C23C55), ref: 00007FF7A0C22BA0
                                                                                                                                                                                                                                                                                                            • MessageBoxW.USER32 ref: 00007FF7A0C22C2A
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: CurrentMessageProcess
                                                                                                                                                                                                                                                                                                            • String ID: WARNING$Warning$[PYI-%d:%ls]
                                                                                                                                                                                                                                                                                                            • API String ID: 1672936522-3797743490
                                                                                                                                                                                                                                                                                                            • Opcode ID: 4a0b6e8ebe13cae449087f655af1d2523953ec7fd560ce9a50e7097f48d063a1
                                                                                                                                                                                                                                                                                                            • Instruction ID: eff686c367866611b13f4d62b7b9cc0c2180a8e4574156952ff7a0dde5435046
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 4a0b6e8ebe13cae449087f655af1d2523953ec7fd560ce9a50e7097f48d063a1
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 9721D322B09B4252E710AB24F4847EAB364FF88784F810535EE8D53B6ADE3CE205C750
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C22710 Relevance: 8.8, APIs: 1, Strings: 4, Instructions: 64COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            • GetCurrentProcessId.KERNEL32(?,00000000,00000000,?,00000000,00007FF7A0C21B99), ref: 00007FF7A0C22760
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: CurrentProcess
                                                                                                                                                                                                                                                                                                            • String ID: ERROR$Error$Error [ANSI Fallback]$[PYI-%d:%s]
                                                                                                                                                                                                                                                                                                            • API String ID: 2050909247-1591803126
                                                                                                                                                                                                                                                                                                            • Opcode ID: a4fe537d534c2fb53088f6f6b76b448a80ccad2508d4dc842b27f1a8247accfc
                                                                                                                                                                                                                                                                                                            • Instruction ID: 57432c9305f9365593f214d3be7e79b5c90ed4459275fec10d6e1fef2c22fe61
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: a4fe537d534c2fb53088f6f6b76b448a80ccad2508d4dc842b27f1a8247accfc
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 5B218332A1A78252E710AB61F4857E6A394FF887C4F810535FE8C43B69DF7CE1458750
                                                                                                                                                                                                                                                                                                            Function 00007FF8A7FF4A20 Relevance: 8.8, APIs: 2, Strings: 3, Instructions: 57COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011756386.00007FF8A7FF1000.00000020.00000001.01000000.00000018.sdmp, Offset: 00007FF8A7FF0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011682189.00007FF8A7FF0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A7FF6000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A803A000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A8048000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A8097000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3012219092.00007FF8A809A000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3012386348.00007FF8A809C000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a7ff0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: Arg_ArgumentSubtypeType_
                                                                                                                                                                                                                                                                                                            • String ID: a unicode character$argument$east_asian_width
                                                                                                                                                                                                                                                                                                            • API String ID: 1522575347-3913127203
                                                                                                                                                                                                                                                                                                            • Opcode ID: f5fc9c44005d42739e8aaa94ad1af0bdc691463d08045d9300fe7361b174a674
                                                                                                                                                                                                                                                                                                            • Instruction ID: 905d428ed7c916688dff35005295634da5db0341b0b54262fef2733d1b04e8bb
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: f5fc9c44005d42739e8aaa94ad1af0bdc691463d08045d9300fe7361b174a674
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 5421AE61E0FE82A1EB548F32985027D67A1EF45BD0F44C035D61D03795EFACEAA5A344
                                                                                                                                                                                                                                                                                                            Function 00007FF8A7FF4FE0 Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 53COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011756386.00007FF8A7FF1000.00000020.00000001.01000000.00000018.sdmp, Offset: 00007FF8A7FF0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011682189.00007FF8A7FF0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A7FF6000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A803A000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A8048000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A8097000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3012219092.00007FF8A809A000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3012386348.00007FF8A809C000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a7ff0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: DoubleErr_Float_FromNumericStringSubtypeType_Unicode_
                                                                                                                                                                                                                                                                                                            • String ID: not a numeric character
                                                                                                                                                                                                                                                                                                            • API String ID: 1034370217-2058156748
                                                                                                                                                                                                                                                                                                            • Opcode ID: a25512a8a6295ab7a209a9d449d9c762a52c4a41ec5af7dde6583be60f21d0ed
                                                                                                                                                                                                                                                                                                            • Instruction ID: 6cc5b31c6a58711d29fb73f84a923d8f54c4ef52d2a44e8845724edba4fd025a
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: a25512a8a6295ab7a209a9d449d9c762a52c4a41ec5af7dde6583be60f21d0ed
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 0221B422A0E943B5FB558F35E96013D63A0EF44BC0F148034C91E57291FFADEA86A380
                                                                                                                                                                                                                                                                                                            Function 00007FF8A7FF46CC Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 48COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011756386.00007FF8A7FF1000.00000020.00000001.01000000.00000018.sdmp, Offset: 00007FF8A7FF0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011682189.00007FF8A7FF0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A7FF6000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A803A000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A8048000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A8097000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3012219092.00007FF8A809A000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3012386348.00007FF8A809C000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a7ff0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: DecimalDigitErr_FromLongLong_StringSubtypeType_Unicode_
                                                                                                                                                                                                                                                                                                            • String ID: not a decimal
                                                                                                                                                                                                                                                                                                            • API String ID: 3750391552-3590249192
                                                                                                                                                                                                                                                                                                            • Opcode ID: 98925aab420d500a80fb896ae28ec5313d1af364276c7e5354c7c80d82c75a3b
                                                                                                                                                                                                                                                                                                            • Instruction ID: 23a6b3fea10b8dd6cf7bcc8b1ac3083638180cad192b63945ca06b8f54c1fa69
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 98925aab420d500a80fb896ae28ec5313d1af364276c7e5354c7c80d82c75a3b
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F0115126B1AA42A1FF548F35E86413D27A1EF85FC4F08C034CA1E87664DFACEA41A700
                                                                                                                                                                                                                                                                                                            Function 00007FF8A7FF4614 Relevance: 8.8, APIs: 2, Strings: 3, Instructions: 46COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011756386.00007FF8A7FF1000.00000020.00000001.01000000.00000018.sdmp, Offset: 00007FF8A7FF0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011682189.00007FF8A7FF0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A7FF6000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A803A000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A8048000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A8097000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3012219092.00007FF8A809A000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3012386348.00007FF8A809C000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a7ff0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: Arg_$ArgumentCheckPositional
                                                                                                                                                                                                                                                                                                            • String ID: a unicode character$argument 1$decimal
                                                                                                                                                                                                                                                                                                            • API String ID: 3876575403-2474051849
                                                                                                                                                                                                                                                                                                            • Opcode ID: be8750f51331ad33850794c55c3c9f5c1776179fbc54f68557b8d447b2bcc9a0
                                                                                                                                                                                                                                                                                                            • Instruction ID: 8ab1371f9297d0823aaafe7e36c0998e1ca76e700f91e281b3afe45df3e17402
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: be8750f51331ad33850794c55c3c9f5c1776179fbc54f68557b8d447b2bcc9a0
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: AF118C61B0AA42E5EA50DF62E8402BDA360EB44FC4F588436DA1D437A5CFBCE695D300
                                                                                                                                                                                                                                                                                                            Function 00007FF8A7FF4F28 Relevance: 8.8, APIs: 2, Strings: 3, Instructions: 46COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011756386.00007FF8A7FF1000.00000020.00000001.01000000.00000018.sdmp, Offset: 00007FF8A7FF0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011682189.00007FF8A7FF0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A7FF6000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A803A000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A8048000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A8097000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3012219092.00007FF8A809A000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3012386348.00007FF8A809C000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a7ff0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: Arg_$ArgumentCheckPositional
                                                                                                                                                                                                                                                                                                            • String ID: a unicode character$argument 1$numeric
                                                                                                                                                                                                                                                                                                            • API String ID: 3876575403-2385192657
                                                                                                                                                                                                                                                                                                            • Opcode ID: 426b7343fefe10994a7f184f30639fcb8f90e88664e4ff814fa964081d8755a3
                                                                                                                                                                                                                                                                                                            • Instruction ID: 20f8ac3f2d792298ba535a693f6529c9d748569216162bb4bd14e1abc5db0f39
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 426b7343fefe10994a7f184f30639fcb8f90e88664e4ff814fa964081d8755a3
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 53118F31B0AA42A5EB509F22E8402BD6360EB84FC4F448035EA1D437A5CFBCE695D300
                                                                                                                                                                                                                                                                                                            Function 00007FF8A7FF4DE4 Relevance: 8.8, APIs: 2, Strings: 3, Instructions: 46COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011756386.00007FF8A7FF1000.00000020.00000001.01000000.00000018.sdmp, Offset: 00007FF8A7FF0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011682189.00007FF8A7FF0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A7FF6000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A803A000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A8048000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A8097000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3012219092.00007FF8A809A000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3012386348.00007FF8A809C000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a7ff0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: Arg_$ArgumentCheckPositional
                                                                                                                                                                                                                                                                                                            • String ID: a unicode character$argument 1$name
                                                                                                                                                                                                                                                                                                            • API String ID: 3876575403-4190364640
                                                                                                                                                                                                                                                                                                            • Opcode ID: 52274b603974bfae571effba8c6b15723771c3ed1346c62352a0dd2d502121ee
                                                                                                                                                                                                                                                                                                            • Instruction ID: 235e6ea630cc1624152727814fc3f1af630a216cd61b4d571e4bfcabb2c2e41b
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 52274b603974bfae571effba8c6b15723771c3ed1346c62352a0dd2d502121ee
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7A115E31B0AA42A5EB509F62E8803BD2360FB44FC4F588436DA5D43769CFBDE695D301
                                                                                                                                                                                                                                                                                                            Function 00007FF8A7FF4528 Relevance: 8.8, APIs: 2, Strings: 3, Instructions: 35COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011756386.00007FF8A7FF1000.00000020.00000001.01000000.00000018.sdmp, Offset: 00007FF8A7FF0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011682189.00007FF8A7FF0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A7FF6000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A803A000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A8048000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A8097000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3012219092.00007FF8A809A000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3012386348.00007FF8A809C000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a7ff0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: Arg_ArgumentErr_Occurred
                                                                                                                                                                                                                                                                                                            • String ID: a unicode character$argument$combining
                                                                                                                                                                                                                                                                                                            • API String ID: 3979797681-4202047184
                                                                                                                                                                                                                                                                                                            • Opcode ID: adb92c9507125f0c22bd24c4db8f48b41953b6aa43e5bdbaf6955fb86866d10c
                                                                                                                                                                                                                                                                                                            • Instruction ID: a885bcdf38bee29daa478a967626687f3409ad67e225cb412301afe0e7e78034
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: adb92c9507125f0c22bd24c4db8f48b41953b6aa43e5bdbaf6955fb86866d10c
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 45018461E0BA03A1EE64AF31A8501BD23A0FF4DBD4F488635D94D47291DFBCE394A300
                                                                                                                                                                                                                                                                                                            Function 00007FF8A7FF4CF0 Relevance: 8.8, APIs: 2, Strings: 3, Instructions: 35COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011756386.00007FF8A7FF1000.00000020.00000001.01000000.00000018.sdmp, Offset: 00007FF8A7FF0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011682189.00007FF8A7FF0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A7FF6000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A803A000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A8048000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A8097000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3012219092.00007FF8A809A000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3012386348.00007FF8A809C000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a7ff0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: Arg_ArgumentErr_Occurred
                                                                                                                                                                                                                                                                                                            • String ID: a unicode character$argument$mirrored
                                                                                                                                                                                                                                                                                                            • API String ID: 3979797681-4001128513
                                                                                                                                                                                                                                                                                                            • Opcode ID: 2e80d537f86a8222939be87eff623b09648c5b1c3b2524f467a4ca7a4f712915
                                                                                                                                                                                                                                                                                                            • Instruction ID: 582d4f5cf97775619559a65c5853e1fcc4e00e85c34de73e560b2dc9fd8c8bb1
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 2e80d537f86a8222939be87eff623b09648c5b1c3b2524f467a4ca7a4f712915
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 65017C61E0AA03A1EE949F31A8501BC32A0FF49BD4F408636D51D43291DFBCE794A344
                                                                                                                                                                                                                                                                                                            Function 00007FF8A7FF2830 Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 31COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011756386.00007FF8A7FF1000.00000020.00000001.01000000.00000018.sdmp, Offset: 00007FF8A7FF0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011682189.00007FF8A7FF0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A7FF6000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A803A000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A8048000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A8097000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3012219092.00007FF8A809A000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3012386348.00007FF8A809C000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a7ff0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: Mem_$Capsule_Err_FreeMallocMemory
                                                                                                                                                                                                                                                                                                            • String ID: unicodedata._ucnhash_CAPI
                                                                                                                                                                                                                                                                                                            • API String ID: 3673501854-3989975041
                                                                                                                                                                                                                                                                                                            • Opcode ID: 59265758956b7bfbf6375bb1acd7a92ae8e5b63eff507749c531c9f360e4be07
                                                                                                                                                                                                                                                                                                            • Instruction ID: 18c6bc9bf9afe98759a8fc46b4d253294a3ccd8da25fa854765c63c07a2c2b5d
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 59265758956b7bfbf6375bb1acd7a92ae8e5b63eff507749c531c9f360e4be07
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 3AF01421A1BB47A1EB458F72AC541BC22A4FF08BD1F485436C94E063A5EEACE244E304
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C39A88 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 27libraryloaderCOMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: AddressFreeHandleLibraryModuleProc
                                                                                                                                                                                                                                                                                                            • String ID: CorExitProcess$mscoree.dll
                                                                                                                                                                                                                                                                                                            • API String ID: 4061214504-1276376045
                                                                                                                                                                                                                                                                                                            • Opcode ID: b239dd027a539e56a716c05e535b4da9cb8e2339e08a4dc57142401ef2416000
                                                                                                                                                                                                                                                                                                            • Instruction ID: 6df8870a6d1b1f2b55bc2e119576f35f2051bdb4f17c8321d8cac51ccce6a69e
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: b239dd027a539e56a716c05e535b4da9cb8e2339e08a4dc57142401ef2416000
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F8F0AF61B1A60782EA24AB20A4483BAE360FF49761F850A35DA6E463F4DF2DF044D320
                                                                                                                                                                                                                                                                                                            Function 00007FF8A8E5EDE0 Relevance: 7.9, APIs: 1, Strings: 4, Instructions: 390COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3019302556.00007FF8A8DC1000.00000020.00000001.01000000.00000015.sdmp, Offset: 00007FF8A8DC0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019234443.00007FF8A8DC0000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019473856.00007FF8A8EF4000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019556538.00007FF8A8F23000.00000004.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019627658.00007FF8A8F28000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a8dc0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: memcpy
                                                                                                                                                                                                                                                                                                            • String ID: hidden$vtable constructor called recursively: %s$vtable constructor did not declare schema: %s$vtable constructor failed: %s
                                                                                                                                                                                                                                                                                                            • API String ID: 3510742995-1299490920
                                                                                                                                                                                                                                                                                                            • Opcode ID: 1d8447f924158e6ad035472f4359d3266b1ae39d7f381a4f4c816e95a1de0816
                                                                                                                                                                                                                                                                                                            • Instruction ID: 83c6306af780e54f9694518ae4256053e0d4606c2ea5b13cf71a30e225bdba6c
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 1d8447f924158e6ad035472f4359d3266b1ae39d7f381a4f4c816e95a1de0816
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F802BCB2A0AB82E2EB588B21E54037A77A1FB84BC4F045236DE5D07795DF3CE465C724
                                                                                                                                                                                                                                                                                                            Function 00007FF8A8DEC000 Relevance: 7.9, APIs: 2, Strings: 3, Instructions: 366COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3019302556.00007FF8A8DC1000.00000020.00000001.01000000.00000015.sdmp, Offset: 00007FF8A8DC0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019234443.00007FF8A8DC0000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019473856.00007FF8A8EF4000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019556538.00007FF8A8F23000.00000004.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019627658.00007FF8A8F28000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a8dc0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: memcpy
                                                                                                                                                                                                                                                                                                            • String ID: %s at line %d of [%.10s]$8653b758870e6ef0c98d46b3ace27849054af85da891eb121e9aaa537f1e8355$database corruption
                                                                                                                                                                                                                                                                                                            • API String ID: 3510742995-3727861699
                                                                                                                                                                                                                                                                                                            • Opcode ID: 817f07965b872973eaac22bb409c9f214df0c11972e927506548e115749c78ef
                                                                                                                                                                                                                                                                                                            • Instruction ID: e38baf36aaf8fa891d625c1826e3e5026135d308e3622385dc5b780b48078950
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 817f07965b872973eaac22bb409c9f214df0c11972e927506548e115749c78ef
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 81F1887361AB8197DBA08B65E0407AD77A0FB84BC4F108036EE8E43795EF39E858C714
                                                                                                                                                                                                                                                                                                            Function 00007FF8A8DE7970 Relevance: 7.8, APIs: 2, Strings: 3, Instructions: 311COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3019302556.00007FF8A8DC1000.00000020.00000001.01000000.00000015.sdmp, Offset: 00007FF8A8DC0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019234443.00007FF8A8DC0000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019473856.00007FF8A8EF4000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019556538.00007FF8A8F23000.00000004.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019627658.00007FF8A8F28000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a8dc0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: memset
                                                                                                                                                                                                                                                                                                            • String ID: %s at line %d of [%.10s]$8653b758870e6ef0c98d46b3ace27849054af85da891eb121e9aaa537f1e8355$database corruption
                                                                                                                                                                                                                                                                                                            • API String ID: 2221118986-3727861699
                                                                                                                                                                                                                                                                                                            • Opcode ID: a95ed21dddb60f74d411bb651dc9e4335d2f63f59c60c2f305be0b71bc662229
                                                                                                                                                                                                                                                                                                            • Instruction ID: 3975c244e83eedb1210512c372362e0359e5804a4ba6fa97803528d8d4fe524f
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: a95ed21dddb60f74d411bb651dc9e4335d2f63f59c60c2f305be0b71bc662229
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: C0D1B03360AA8597DBA4DF26D4042A977A4FB88BC8F158036DF4D47794EF38D84AC314
                                                                                                                                                                                                                                                                                                            Function 00007FF8A8E0D3D0 Relevance: 7.7, APIs: 4, Strings: 1, Instructions: 220COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            • memcpy.VCRUNTIME140(?,?,?,?,?,?,?,?,?,?,?,00007FF8A8E07847), ref: 00007FF8A8E0D52A
                                                                                                                                                                                                                                                                                                            • memcpy.VCRUNTIME140(?,?,?,?,?,?,?,?,?,?,?,00007FF8A8E07847), ref: 00007FF8A8E0D554
                                                                                                                                                                                                                                                                                                            • memset.VCRUNTIME140(?,?,?,?,?,?,?,?,?,?,?,00007FF8A8E07847), ref: 00007FF8A8E0D572
                                                                                                                                                                                                                                                                                                            • memcpy.VCRUNTIME140(?,?,?,?,?,?,?,?,?,?,?,00007FF8A8E07847), ref: 00007FF8A8E0D5A7
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3019302556.00007FF8A8DC1000.00000020.00000001.01000000.00000015.sdmp, Offset: 00007FF8A8DC0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019234443.00007FF8A8DC0000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019473856.00007FF8A8EF4000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019556538.00007FF8A8F23000.00000004.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019627658.00007FF8A8F28000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a8dc0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: memcpy$memset
                                                                                                                                                                                                                                                                                                            • String ID: H
                                                                                                                                                                                                                                                                                                            • API String ID: 438689982-2852464175
                                                                                                                                                                                                                                                                                                            • Opcode ID: cfbeda1bf99951151eff030447c4d7a4d5e89bf1fbf00df94b65fd72b816f457
                                                                                                                                                                                                                                                                                                            • Instruction ID: a8cdbe4100b37beaf8ada53bad3219707d8bcdde3cc9b9e428a2602f33cf4599
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: cfbeda1bf99951151eff030447c4d7a4d5e89bf1fbf00df94b65fd72b816f457
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: E3919D72B5A641D6EB648E15A44077A6BB0FB84BD4F144B34EEAD877C4CF3CE4608B18
                                                                                                                                                                                                                                                                                                            Function 00007FF8A8DEB070 Relevance: 7.7, APIs: 2, Strings: 3, Instructions: 197COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3019302556.00007FF8A8DC1000.00000020.00000001.01000000.00000015.sdmp, Offset: 00007FF8A8DC0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019234443.00007FF8A8DC0000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019473856.00007FF8A8EF4000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019556538.00007FF8A8F23000.00000004.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019627658.00007FF8A8F28000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a8dc0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: memcpy
                                                                                                                                                                                                                                                                                                            • String ID: %s at line %d of [%.10s]$8653b758870e6ef0c98d46b3ace27849054af85da891eb121e9aaa537f1e8355$database corruption
                                                                                                                                                                                                                                                                                                            • API String ID: 3510742995-3727861699
                                                                                                                                                                                                                                                                                                            • Opcode ID: d722efc5368d3c99c61d6ff00f4d07227d654d843d12c76e9b689ca2d86c9870
                                                                                                                                                                                                                                                                                                            • Instruction ID: 64ce342317bc4abf6f275a5f1b1a50c9a44acba2cec834d6eef0cca1e020f040
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d722efc5368d3c99c61d6ff00f4d07227d654d843d12c76e9b689ca2d86c9870
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 6581EE3270A682A7E7608F25D4447AE77A1FB847C4F448036EB9D57791EF38E849C714
                                                                                                                                                                                                                                                                                                            Function 00007FF8A8DE89A0 Relevance: 7.7, APIs: 2, Strings: 3, Instructions: 192COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3019302556.00007FF8A8DC1000.00000020.00000001.01000000.00000015.sdmp, Offset: 00007FF8A8DC0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019234443.00007FF8A8DC0000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019473856.00007FF8A8EF4000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019556538.00007FF8A8F23000.00000004.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019627658.00007FF8A8F28000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a8dc0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                            • String ID: %s at line %d of [%.10s]$8653b758870e6ef0c98d46b3ace27849054af85da891eb121e9aaa537f1e8355$database corruption
                                                                                                                                                                                                                                                                                                            • API String ID: 0-3727861699
                                                                                                                                                                                                                                                                                                            • Opcode ID: 5e912ee1f7678e77240253c0303bb73c2f618f6b1c89537da6c189cf6ac1dde9
                                                                                                                                                                                                                                                                                                            • Instruction ID: f898c35823efc63a5d2e93e58c66a62e310e09d098730add3f416d4bcbf4eb3f
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 5e912ee1f7678e77240253c0303bb73c2f618f6b1c89537da6c189cf6ac1dde9
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: E6810622A0A2D1ABD7648F26D1806BE7BA0FB417C4F044132DF9D57681EF3CE4A9C764
                                                                                                                                                                                                                                                                                                            Function 00007FF8A8E5D690 Relevance: 7.7, APIs: 3, Strings: 2, Instructions: 163stringCOMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            • strncmp.API-MS-WIN-CRT-STRING-L1-1-0(?,?,?,?,?,?,00000000,00000001,00007FF8A8E5D93A,?,?,?,00007FF8A8E5DCFB), ref: 00007FF8A8E5D7F9
                                                                                                                                                                                                                                                                                                            • strncmp.API-MS-WIN-CRT-STRING-L1-1-0(?,?,?,?,?,?,00000000,00000001,00007FF8A8E5D93A,?,?,?,00007FF8A8E5DCFB), ref: 00007FF8A8E5D813
                                                                                                                                                                                                                                                                                                            • memcpy.VCRUNTIME140(?,?,?,?,?,?,00000000,00000001,00007FF8A8E5D93A,?,?,?,00007FF8A8E5DCFB), ref: 00007FF8A8E5D8A7
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3019302556.00007FF8A8DC1000.00000020.00000001.01000000.00000015.sdmp, Offset: 00007FF8A8DC0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019234443.00007FF8A8DC0000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019473856.00007FF8A8EF4000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019556538.00007FF8A8F23000.00000004.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019627658.00007FF8A8F28000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a8dc0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: strncmp$memcpy
                                                                                                                                                                                                                                                                                                            • String ID: CRE$INS
                                                                                                                                                                                                                                                                                                            • API String ID: 2549481713-4116259516
                                                                                                                                                                                                                                                                                                            • Opcode ID: 89d2a150950b7b178870aa27281f2be8824cbcaa58cb7008b7be12df786679e9
                                                                                                                                                                                                                                                                                                            • Instruction ID: 18e351594d5328df06f6fa25c1046ab91126c7e9a0941151fa9882192ef5e411
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 89d2a150950b7b178870aa27281f2be8824cbcaa58cb7008b7be12df786679e9
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: DC51EFB5B0B642E0FA299B22A4103796B91FF80FC4F585035CE5D8B785DF3CE8158328
                                                                                                                                                                                                                                                                                                            Function 00007FF8A8DE8CA0 Relevance: 7.7, APIs: 2, Strings: 3, Instructions: 152COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3019302556.00007FF8A8DC1000.00000020.00000001.01000000.00000015.sdmp, Offset: 00007FF8A8DC0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019234443.00007FF8A8DC0000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019473856.00007FF8A8EF4000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019556538.00007FF8A8F23000.00000004.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019627658.00007FF8A8F28000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a8dc0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: memcpymemmove
                                                                                                                                                                                                                                                                                                            • String ID: %s at line %d of [%.10s]$8653b758870e6ef0c98d46b3ace27849054af85da891eb121e9aaa537f1e8355$database corruption
                                                                                                                                                                                                                                                                                                            • API String ID: 167125708-3727861699
                                                                                                                                                                                                                                                                                                            • Opcode ID: a5e659041314e3c25e76cf73738960ed205ebc87af3a3a0fcf928fdaf9d09721
                                                                                                                                                                                                                                                                                                            • Instruction ID: e9ef699b259da299bedba33407411e6b8fec5a5ad2e88f9f23c3bd284b806977
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: a5e659041314e3c25e76cf73738960ed205ebc87af3a3a0fcf928fdaf9d09721
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 1A51FC72609BC0DACB108B19E4846AEBB64F758BC4F05813AEB9E13794EF3CD469C714
                                                                                                                                                                                                                                                                                                            Function 00007FF8A8DCD9E0 Relevance: 7.6, APIs: 3, Strings: 2, Instructions: 110COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3019302556.00007FF8A8DC1000.00000020.00000001.01000000.00000015.sdmp, Offset: 00007FF8A8DC0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019234443.00007FF8A8DC0000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019473856.00007FF8A8EF4000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019556538.00007FF8A8F23000.00000004.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019627658.00007FF8A8F28000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a8dc0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: memcpy$memset
                                                                                                                                                                                                                                                                                                            • String ID: delayed %dms for lock/sharing conflict at line %d$winRead
                                                                                                                                                                                                                                                                                                            • API String ID: 438689982-1843600136
                                                                                                                                                                                                                                                                                                            • Opcode ID: 66d7818fc9c6dce62004362554e4c0cfd5c82727d3bea9d87ae7196a0384542c
                                                                                                                                                                                                                                                                                                            • Instruction ID: e733af1375035249de4de5d4e319af4fc4f2eed0b51350f878eed6766c0e902e
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 66d7818fc9c6dce62004362554e4c0cfd5c82727d3bea9d87ae7196a0384542c
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: A1413672A0D687A5E7108F36EC405A97BA5FF647C4F104031EA5D83794EF3CE85A8358
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C49368 Relevance: 7.6, APIs: 5, Instructions: 56COMMONLIBRARYCODE
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: _set_statfp
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 1156100317-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: bce21d2362216a5e504affcf34f2858e363de54600403cac3d1eeb36cb2ab404
                                                                                                                                                                                                                                                                                                            • Instruction ID: 58a257724a657ae1c001abf599d018cc7fd8d1a33fb1a56cddef93ad5704dfac
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: bce21d2362216a5e504affcf34f2858e363de54600403cac3d1eeb36cb2ab404
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: E5118622D5DA2303FA543555E49D3F99052FF5A360F86CE34EA6F163FA8E6E78414130
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C3B390 Relevance: 7.6, APIs: 5, Instructions: 54COMMONLIBRARYCODE
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            • FlsGetValue.KERNEL32(?,?,?,00007FF7A0C3A5A3,?,?,00000000,00007FF7A0C3A83E,?,?,?,?,?,00007FF7A0C3A7CA), ref: 00007FF7A0C3B3AF
                                                                                                                                                                                                                                                                                                            • FlsSetValue.KERNEL32(?,?,?,00007FF7A0C3A5A3,?,?,00000000,00007FF7A0C3A83E,?,?,?,?,?,00007FF7A0C3A7CA), ref: 00007FF7A0C3B3CE
                                                                                                                                                                                                                                                                                                            • FlsSetValue.KERNEL32(?,?,?,00007FF7A0C3A5A3,?,?,00000000,00007FF7A0C3A83E,?,?,?,?,?,00007FF7A0C3A7CA), ref: 00007FF7A0C3B3F6
                                                                                                                                                                                                                                                                                                            • FlsSetValue.KERNEL32(?,?,?,00007FF7A0C3A5A3,?,?,00000000,00007FF7A0C3A83E,?,?,?,?,?,00007FF7A0C3A7CA), ref: 00007FF7A0C3B407
                                                                                                                                                                                                                                                                                                            • FlsSetValue.KERNEL32(?,?,?,00007FF7A0C3A5A3,?,?,00000000,00007FF7A0C3A83E,?,?,?,?,?,00007FF7A0C3A7CA), ref: 00007FF7A0C3B418
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: Value
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 3702945584-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: 6f944022d23edc1c4acf36ee41aa723466f994e0e1af3fb98e05b0010e79b0d5
                                                                                                                                                                                                                                                                                                            • Instruction ID: c25808635ad2aaf508d07ba9642770cdafb356c2e85025d12e358f9e7965c7d1
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 6f944022d23edc1c4acf36ee41aa723466f994e0e1af3fb98e05b0010e79b0d5
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 28110020E1AA4341F95CB72556512FDE1419F447B0FCA4F34E92D467F7DE2CB4524222
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C3B224 Relevance: 7.6, APIs: 5, Instructions: 50COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: Value
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 3702945584-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: cf61fb6c00b1796c5bed08ecf7b6551a73a14dc995a044f45feadad5ae41d3ad
                                                                                                                                                                                                                                                                                                            • Instruction ID: c7701ed0a72d2e37f79c4a6d67b6d1ac919a413cc43387db6a03e57fdb29a07d
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: cf61fb6c00b1796c5bed08ecf7b6551a73a14dc995a044f45feadad5ae41d3ad
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 82110320A2BA0741F96CB26545211FEE2428F45730F8A4F34DA3E4A7F3DD2DB4514232
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C35FA0 Relevance: 7.2, APIs: 3, Strings: 1, Instructions: 242COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                                                                                                                            • String ID: verbose
                                                                                                                                                                                                                                                                                                            • API String ID: 3215553584-579935070
                                                                                                                                                                                                                                                                                                            • Opcode ID: 8c3a45f75ca5c0a3459ca2e96ae2fbbf181a3d63a640e770f0a7cf37c7606cec
                                                                                                                                                                                                                                                                                                            • Instruction ID: 15bc61e14f38d27684e6bc9d8875da1d34bad2af1dd600a67f2bf1be0291ead0
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 8c3a45f75ca5c0a3459ca2e96ae2fbbf181a3d63a640e770f0a7cf37c7606cec
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: C391F332A2A64781E728AE24D4113FEF7A0AF40B54FC68932DA5D473E5DE3DF4058322
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C3FBC8 Relevance: 7.2, APIs: 1, Strings: 3, Instructions: 219COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                                                                                                                            • String ID: UTF-16LEUNICODE$UTF-8$ccs
                                                                                                                                                                                                                                                                                                            • API String ID: 3215553584-1196891531
                                                                                                                                                                                                                                                                                                            • Opcode ID: 7089664b0a027e884898b454f5d4d61e653d4f3baae8c024cbe23c99275e4c13
                                                                                                                                                                                                                                                                                                            • Instruction ID: 135fec91b233af5cc7dac7f6896538110ffa4a979a25b758a4b3181d35a0fe8a
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 7089664b0a027e884898b454f5d4d61e653d4f3baae8c024cbe23c99275e4c13
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 6281A372D2AA4385F7697E2581442F9E6A0AF11B44FD75C31CA09973B5CB2CF8239623
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C2D648 Relevance: 7.2, APIs: 3, Strings: 1, Instructions: 154COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: CurrentImageNonwritableUnwind__except_validate_context_record
                                                                                                                                                                                                                                                                                                            • String ID: csm
                                                                                                                                                                                                                                                                                                            • API String ID: 2395640692-1018135373
                                                                                                                                                                                                                                                                                                            • Opcode ID: 4bd751ab4a757734da5bac4c310991cbc8ef63d187f18c7a3c34a87046479a0f
                                                                                                                                                                                                                                                                                                            • Instruction ID: 12ae6367435e98f2458e2a12485aa4bad6ee4cc05b12136372387fee31873f56
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 4bd751ab4a757734da5bac4c310991cbc8ef63d187f18c7a3c34a87046479a0f
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7D519236A1A7438ADB14BB25D044BB8B391EF58B94F924930DA4E47BA8DF7CF841C750
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C2F288 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 146COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: Frame$EmptyHandler3::StateUnwind__except_validate_context_record
                                                                                                                                                                                                                                                                                                            • String ID: csm$csm
                                                                                                                                                                                                                                                                                                            • API String ID: 3896166516-3733052814
                                                                                                                                                                                                                                                                                                            • Opcode ID: b828653c103bc27f8420a51a056d9897bfd6e6497fd7c081c32eb92dd3ed2bbb
                                                                                                                                                                                                                                                                                                            • Instruction ID: d8d71eba59c168b3ba1ae824716e722307806f1e824c9408f19e0d3af265a8f3
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: b828653c103bc27f8420a51a056d9897bfd6e6497fd7c081c32eb92dd3ed2bbb
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: E351A132A0974B86EB24BB31D0542A9B790EF58B84F964535DA4C43FA5CF7CF462CB10
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C2EED8 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 146COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: CallEncodePointerTranslator
                                                                                                                                                                                                                                                                                                            • String ID: MOC$RCC
                                                                                                                                                                                                                                                                                                            • API String ID: 3544855599-2084237596
                                                                                                                                                                                                                                                                                                            • Opcode ID: 1c81a5d02d7979dd4dad50f55436adaf5051385037e661534b2c2f58034018d3
                                                                                                                                                                                                                                                                                                            • Instruction ID: 105abb737cce97bfd1c64ec9202d2ccf99efb8dc68faec24ffbb9bc33d113667
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 1c81a5d02d7979dd4dad50f55436adaf5051385037e661534b2c2f58034018d3
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 45618032909B8685D720AB25E4403EAB7A0FB89784F854635EB9C13B65CF7CE1A1CB10
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C27E20 Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 81COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            • CreateDirectoryW.KERNEL32(00000000,?,00007FF7A0C2352C,?,00000000,00007FF7A0C23F23), ref: 00007FF7A0C27F32
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: CreateDirectory
                                                                                                                                                                                                                                                                                                            • String ID: %.*s$%s%c$\
                                                                                                                                                                                                                                                                                                            • API String ID: 4241100979-1685191245
                                                                                                                                                                                                                                                                                                            • Opcode ID: a1c59376f93c8b4c6db0aee125681cb96c2ab9e1787ffa8cf6eb7b68f1c1c36c
                                                                                                                                                                                                                                                                                                            • Instruction ID: 1150562dffcaae317c41bf732352ad9deff7e3beb9ed0776f7c46cdce1e90b5c
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: a1c59376f93c8b4c6db0aee125681cb96c2ab9e1787ffa8cf6eb7b68f1c1c36c
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 3931DA6161AAC345EA21B730E4903EAA354EF88BE0F810B30EE6D47BD5DE3CF5018710
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C22810 Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 65windowCOMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: Message
                                                                                                                                                                                                                                                                                                            • String ID: ERROR$Error$[PYI-%d:%ls]
                                                                                                                                                                                                                                                                                                            • API String ID: 2030045667-255084403
                                                                                                                                                                                                                                                                                                            • Opcode ID: 035b7a672ed8def45fe49a9c290554376ffedfd07499b26c39d849b73b89d90e
                                                                                                                                                                                                                                                                                                            • Instruction ID: b6312bb1418801c6037f82234456c629e03965953e39ba6d51e6b0351c067558
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 035b7a672ed8def45fe49a9c290554376ffedfd07499b26c39d849b73b89d90e
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 1321D372B09B4292E710AB24F4847EAB3A0FF88780F810535EE8D5376ADE3CE245C750
                                                                                                                                                                                                                                                                                                            Function 00007FF8A8DDF650 Relevance: 6.4, APIs: 1, Strings: 3, Instructions: 382COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3019302556.00007FF8A8DC1000.00000020.00000001.01000000.00000015.sdmp, Offset: 00007FF8A8DC0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019234443.00007FF8A8DC0000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019473856.00007FF8A8EF4000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019556538.00007FF8A8F23000.00000004.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019627658.00007FF8A8F28000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a8dc0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: ExceptionRaisememcmp
                                                                                                                                                                                                                                                                                                            • String ID: %s at line %d of [%.10s]$8653b758870e6ef0c98d46b3ace27849054af85da891eb121e9aaa537f1e8355$database corruption
                                                                                                                                                                                                                                                                                                            • API String ID: 2159421160-3727861699
                                                                                                                                                                                                                                                                                                            • Opcode ID: 5510feb14dea88ae92a77c34ee5a39bd9dff1919bc737fe2358dd9b970a8dbf4
                                                                                                                                                                                                                                                                                                            • Instruction ID: b8a786ffb53994fcf5b5ec3194559c1aa12a16d452c2b8b0690aec1fb029de20
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 5510feb14dea88ae92a77c34ee5a39bd9dff1919bc737fe2358dd9b970a8dbf4
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: EAF16A72B0A742ABE724CBA6C5507AD37A5FB48788F004035DF1D9BB94DF38E8198B54
                                                                                                                                                                                                                                                                                                            Function 00007FF8A8E240F0 Relevance: 6.3, APIs: 5, Instructions: 70COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3019302556.00007FF8A8DC1000.00000020.00000001.01000000.00000015.sdmp, Offset: 00007FF8A8DC0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019234443.00007FF8A8DC0000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019473856.00007FF8A8EF4000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019556538.00007FF8A8F23000.00000004.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019627658.00007FF8A8F28000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a8dc0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: memcpy$memset
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 438689982-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: f156c778602553fb8e6ad486ebff7de94d5ca6f9ee5b8a755dbaf2d72c8b4207
                                                                                                                                                                                                                                                                                                            • Instruction ID: 8d57ae3b60c1de010058cc149eb75689a2529814b1b7b5ab01ef390dd2fad135
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: f156c778602553fb8e6ad486ebff7de94d5ca6f9ee5b8a755dbaf2d72c8b4207
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 9E215C72A1A791D3DA64AB16B5410AAB3A1FB447C0F085135DBCE47F96DF3CE4618314
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C3C5A0 Relevance: 6.3, APIs: 4, Instructions: 299fileCOMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: FileWrite$ConsoleErrorLastOutput
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 2718003287-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: 04e310725d937c0b27e7ac1e6c46040fced781be2c4963351fe3137ba04acc33
                                                                                                                                                                                                                                                                                                            • Instruction ID: 0b35890192f65bdb57e5fef155bcad069ac46718a958d0ac66eaf53f5501689b
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 04e310725d937c0b27e7ac1e6c46040fced781be2c4963351fe3137ba04acc33
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 73D12572B1AB4289E714DF75C4802ECB7B1FB14798B824636DE4D97BA9DE38E006C711
                                                                                                                                                                                                                                                                                                            Function 00007FF8A8DCEC40 Relevance: 6.2, APIs: 1, Strings: 3, Instructions: 249COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3019302556.00007FF8A8DC1000.00000020.00000001.01000000.00000015.sdmp, Offset: 00007FF8A8DC0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019234443.00007FF8A8DC0000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019473856.00007FF8A8EF4000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019556538.00007FF8A8F23000.00000004.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019627658.00007FF8A8F28000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a8dc0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: memset
                                                                                                                                                                                                                                                                                                            • String ID: %s-shm$readonly_shm$winOpenShm
                                                                                                                                                                                                                                                                                                            • API String ID: 2221118986-2815843928
                                                                                                                                                                                                                                                                                                            • Opcode ID: fbd402a391f95b288c7bc3f82079c8b9616d1f50f4ab568a7bfe371c4fe44437
                                                                                                                                                                                                                                                                                                            • Instruction ID: 7739974d1ab9939e7342375d1cca57580a43a3d9749cfab6e12bb01443e6f2a3
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: fbd402a391f95b288c7bc3f82079c8b9616d1f50f4ab568a7bfe371c4fe44437
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 3CC11CB1A0BA83A2EB55AB71F45467923A0FF44BD4F144135DE6E476A0EF3CE4498338
                                                                                                                                                                                                                                                                                                            Function 00007FF8A8E585A0 Relevance: 6.2, APIs: 3, Strings: 1, Instructions: 239COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            • memcpy.VCRUNTIME140(?,?,?,?,00000080,?,?,?,00000000,00007FF8A8E58A6F), ref: 00007FF8A8E58739
                                                                                                                                                                                                                                                                                                            • memcpy.VCRUNTIME140(?,?,?,?,00000080,?,?,?,00000000,00007FF8A8E58A6F), ref: 00007FF8A8E587BB
                                                                                                                                                                                                                                                                                                            • memcpy.VCRUNTIME140(?,?,?,?,00000080,?,?,?,00000000,00007FF8A8E58A6F), ref: 00007FF8A8E588AD
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3019302556.00007FF8A8DC1000.00000020.00000001.01000000.00000015.sdmp, Offset: 00007FF8A8DC0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019234443.00007FF8A8DC0000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019473856.00007FF8A8EF4000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019556538.00007FF8A8F23000.00000004.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019627658.00007FF8A8F28000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a8dc0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: memcpy
                                                                                                                                                                                                                                                                                                            • String ID: RETURNING may not use "TABLE.*" wildcards
                                                                                                                                                                                                                                                                                                            • API String ID: 3510742995-2313493979
                                                                                                                                                                                                                                                                                                            • Opcode ID: 0288751f268e253f0b5d943a861ab99312bd63e3f322591f5a0f5aea74af32d9
                                                                                                                                                                                                                                                                                                            • Instruction ID: 7b3d1511eafbf1c3d92fe441f94a10f8d36917d68909b3cfe7fe1906165337e2
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 0288751f268e253f0b5d943a861ab99312bd63e3f322591f5a0f5aea74af32d9
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: C0B1DC72A0ABD1E6E724CB2594402AA77A0FB44BE4F099335DEAD077D5DF38E0A5C314
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C3CF60 Relevance: 6.2, APIs: 4, Instructions: 218COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            • GetConsoleMode.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,00007FF7A0C3CF4B), ref: 00007FF7A0C3D07C
                                                                                                                                                                                                                                                                                                            • GetLastError.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,00007FF7A0C3CF4B), ref: 00007FF7A0C3D107
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: ConsoleErrorLastMode
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 953036326-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: a47a8d54e36ced6583969bea4ac316e5fdc1f02f5f342ddc714eca2f45cad1a1
                                                                                                                                                                                                                                                                                                            • Instruction ID: 4d69c7d0cb746da3c3bdcf764d3043b4f7bf8f2656e92f2fd1a11be880a87b76
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: a47a8d54e36ced6583969bea4ac316e5fdc1f02f5f342ddc714eca2f45cad1a1
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 6891F222E2965385F768AF65A4403FDFBA0BF44B98F954539DE0E527A4CE38F442C321
                                                                                                                                                                                                                                                                                                            Function 00007FF8A8E493F0 Relevance: 6.2, APIs: 1, Strings: 3, Instructions: 198COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3019302556.00007FF8A8DC1000.00000020.00000001.01000000.00000015.sdmp, Offset: 00007FF8A8DC0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019234443.00007FF8A8DC0000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019473856.00007FF8A8EF4000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019556538.00007FF8A8F23000.00000004.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019627658.00007FF8A8F28000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a8dc0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                            • String ID: %s.%s$column%d$rowid
                                                                                                                                                                                                                                                                                                            • API String ID: 0-1505470444
                                                                                                                                                                                                                                                                                                            • Opcode ID: ce9811c683529395846280cdd6f3ca33b5e0997b8693e991c0a95600bcbb4431
                                                                                                                                                                                                                                                                                                            • Instruction ID: 18648306ec949f8b16bcc6cbfb710b1fdfec738e759fa85160d687daf5263a09
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ce9811c683529395846280cdd6f3ca33b5e0997b8693e991c0a95600bcbb4431
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F691BA32A0AB8191EA20EB15E4443A967A4FB45BE4F148336DEBD173E4DF3ED855C324
                                                                                                                                                                                                                                                                                                            Function 00007FF8A8E23E60 Relevance: 6.2, APIs: 1, Strings: 3, Instructions: 183COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3019302556.00007FF8A8DC1000.00000020.00000001.01000000.00000015.sdmp, Offset: 00007FF8A8DC0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019234443.00007FF8A8DC0000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019473856.00007FF8A8EF4000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019556538.00007FF8A8F23000.00000004.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019627658.00007FF8A8F28000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a8dc0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: memcpy
                                                                                                                                                                                                                                                                                                            • String ID: $, $CREATE TABLE
                                                                                                                                                                                                                                                                                                            • API String ID: 3510742995-3459038510
                                                                                                                                                                                                                                                                                                            • Opcode ID: 1487d30da9dc3be1a348340f229cd536925eb464540b3ceb7db45a4a39605917
                                                                                                                                                                                                                                                                                                            • Instruction ID: 0b05eea5e43bb55d1c5fe8b592dbd7a75b25bf0fdd5cc9a77b1c9fc29e3c6978
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 1487d30da9dc3be1a348340f229cd536925eb464540b3ceb7db45a4a39605917
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 11611872B0A68196DB158F24A4402B9B7A2FB44BE8F444335DE6D437E1EF3DD85AC704
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C3F98C Relevance: 6.2, APIs: 4, Instructions: 162COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: _get_daylight$_isindst
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 4170891091-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: 873197461a12b50781dd6dd2a54ab0b7f590f407db75148e336b6c99fa373a01
                                                                                                                                                                                                                                                                                                            • Instruction ID: bd40ac61b1279263cac600d662032a19c69fb88543ed33caf98a68c816dae928
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 873197461a12b50781dd6dd2a54ab0b7f590f407db75148e336b6c99fa373a01
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4A5132B2F166138BEB18EB64C8602FCE761AF00358F920A35DD1E52BF4DB3CB4168200
                                                                                                                                                                                                                                                                                                            Function 00007FF8A8DFC5E7 Relevance: 6.1, APIs: 2, Strings: 2, Instructions: 149COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3019302556.00007FF8A8DC1000.00000020.00000001.01000000.00000015.sdmp, Offset: 00007FF8A8DC0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019234443.00007FF8A8DC0000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019473856.00007FF8A8EF4000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019556538.00007FF8A8F23000.00000004.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019627658.00007FF8A8F28000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a8dc0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: memcpy
                                                                                                                                                                                                                                                                                                            • String ID: out of memory$string or blob too big
                                                                                                                                                                                                                                                                                                            • API String ID: 3510742995-2410398255
                                                                                                                                                                                                                                                                                                            • Opcode ID: 32c2ae49c0d43b0bf73bf14441e4c9b52f205afacfc25aad9bb6812841d0f57a
                                                                                                                                                                                                                                                                                                            • Instruction ID: 640480df255640525660b6b5f3b4d0968376454da21e609bfb847db12b857708
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 32c2ae49c0d43b0bf73bf14441e4c9b52f205afacfc25aad9bb6812841d0f57a
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 1A610572B0E69292E7109B26D14027E6760FF45BC8F104436DF9D07B99CF7CE856A724
                                                                                                                                                                                                                                                                                                            Function 00007FF8A8DDA360 Relevance: 6.1, APIs: 1, Strings: 3, Instructions: 139COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3019302556.00007FF8A8DC1000.00000020.00000001.01000000.00000015.sdmp, Offset: 00007FF8A8DC0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019234443.00007FF8A8DC0000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019473856.00007FF8A8EF4000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019556538.00007FF8A8F23000.00000004.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019627658.00007FF8A8F28000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a8dc0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: memset
                                                                                                                                                                                                                                                                                                            • String ID: %s at line %d of [%.10s]$8653b758870e6ef0c98d46b3ace27849054af85da891eb121e9aaa537f1e8355$database corruption
                                                                                                                                                                                                                                                                                                            • API String ID: 2221118986-3727861699
                                                                                                                                                                                                                                                                                                            • Opcode ID: 94cf11a5b90883afec42197cfdb5a29862f3f9bca546d8acf573f86d1085267f
                                                                                                                                                                                                                                                                                                            • Instruction ID: 58827d431844fddce78b81a954b734fd24ce33b1f89d2a75f9579dfda9ad54bf
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 94cf11a5b90883afec42197cfdb5a29862f3f9bca546d8acf573f86d1085267f
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: D851AB32A0BB81A6EB54CB25E5447AA73A4FB48BC4F048032DF5D47755DF38E858C714
                                                                                                                                                                                                                                                                                                            Function 00007FF8A8DC8417 Relevance: 6.1, APIs: 2, Strings: 2, Instructions: 128COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3019302556.00007FF8A8DC1000.00000020.00000001.01000000.00000015.sdmp, Offset: 00007FF8A8DC0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019234443.00007FF8A8DC0000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019473856.00007FF8A8EF4000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019556538.00007FF8A8F23000.00000004.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019627658.00007FF8A8F28000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a8dc0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: memcpy
                                                                                                                                                                                                                                                                                                            • String ID: (join-%u)$(subquery-%u)
                                                                                                                                                                                                                                                                                                            • API String ID: 3510742995-2916047017
                                                                                                                                                                                                                                                                                                            • Opcode ID: e4b271abe33ea453b0af829f0d0b3c64b2499140cc847aae9644bee38be7c82c
                                                                                                                                                                                                                                                                                                            • Instruction ID: 658b35fc5552a95414b5db045b6094068d018895fdc0691993947cdda458f1db
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e4b271abe33ea453b0af829f0d0b3c64b2499140cc847aae9644bee38be7c82c
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 3151D4B2B2E542A5EBA08A35D044F382791FB04BE4F524631DB3D033C5DF6CE8598768
                                                                                                                                                                                                                                                                                                            Function 00007FF8A8DE8EF0 Relevance: 6.1, APIs: 1, Strings: 3, Instructions: 121COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3019302556.00007FF8A8DC1000.00000020.00000001.01000000.00000015.sdmp, Offset: 00007FF8A8DC0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019234443.00007FF8A8DC0000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019473856.00007FF8A8EF4000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019556538.00007FF8A8F23000.00000004.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019627658.00007FF8A8F28000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a8dc0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: memmove
                                                                                                                                                                                                                                                                                                            • String ID: %s at line %d of [%.10s]$8653b758870e6ef0c98d46b3ace27849054af85da891eb121e9aaa537f1e8355$database corruption
                                                                                                                                                                                                                                                                                                            • API String ID: 2162964266-3727861699
                                                                                                                                                                                                                                                                                                            • Opcode ID: d6626209ff5963ca4a15e42e4622f64455280571ca08852fb66255ebaf8cff30
                                                                                                                                                                                                                                                                                                            • Instruction ID: 6b7f36ede831825ec0fbb77a85c0eaf6ced52224f7ffc306d839a34046c472ec
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d6626209ff5963ca4a15e42e4622f64455280571ca08852fb66255ebaf8cff30
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 91515B3261ABC0E6DB21CF15E4402AAB7A5FB84BC4F944036DA8D53B59DF3CD499C710
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C3577C Relevance: 6.1, APIs: 4, Instructions: 119pipeCOMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: File$ErrorHandleInformationLastNamedPeekPipeType
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 2780335769-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: 601044899bb77d1db34704472f686b9691880a3163deed0eb7e9945e8072c835
                                                                                                                                                                                                                                                                                                            • Instruction ID: 9ec04191ef7586357726f4b2ee308b94a100058e1cd1d5e9a7d1179a24bb5a4c
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 601044899bb77d1db34704472f686b9691880a3163deed0eb7e9945e8072c835
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: EF51AE22E257428AFB18EF71D4543FDA7A1AF48B58F924834DE0D477A9DF38E4418722
                                                                                                                                                                                                                                                                                                            Function 00007FF8A7FF21E0 Relevance: 6.1, APIs: 2, Strings: 2, Instructions: 115stringCOMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            • strncmp.API-MS-WIN-CRT-STRING-L1-1-0(?,?,?,?,?,?,?,00007FF8A7FF20AF,?,?,?,00007FF8A7FF206C), ref: 00007FF8A7FF220A
                                                                                                                                                                                                                                                                                                            • strncmp.API-MS-WIN-CRT-STRING-L1-1-0(?,?,?,?,?,?,?,00007FF8A7FF20AF,?,?,?,00007FF8A7FF206C), ref: 00007FF8A7FF2228
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011756386.00007FF8A7FF1000.00000020.00000001.01000000.00000018.sdmp, Offset: 00007FF8A7FF0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011682189.00007FF8A7FF0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A7FF6000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A803A000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A8048000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A8097000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3012219092.00007FF8A809A000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3012386348.00007FF8A809C000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a7ff0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: strncmp
                                                                                                                                                                                                                                                                                                            • String ID: CJK UNIFIED IDEOGRAPH-$HANGUL SYLLABLE
                                                                                                                                                                                                                                                                                                            • API String ID: 1114863663-87138338
                                                                                                                                                                                                                                                                                                            • Opcode ID: a963b875801d9843ea49cd289ad9d5ca77fa3890532c8e824ee28ee48ef07934
                                                                                                                                                                                                                                                                                                            • Instruction ID: 928b60cba7672047a22330e53e429755053a13cf384b09f5270f03d915214200
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: a963b875801d9843ea49cd289ad9d5ca77fa3890532c8e824ee28ee48ef07934
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F741F672B0AB4296E7108F28E84427D7B51FB90BE4F548230EA5947BD9DFBCE6059B40
                                                                                                                                                                                                                                                                                                            Function 00007FF8A8DEFE60 Relevance: 6.1, APIs: 1, Strings: 3, Instructions: 114COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3019302556.00007FF8A8DC1000.00000020.00000001.01000000.00000015.sdmp, Offset: 00007FF8A8DC0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019234443.00007FF8A8DC0000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019473856.00007FF8A8EF4000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019556538.00007FF8A8F23000.00000004.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019627658.00007FF8A8F28000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a8dc0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: memcpy
                                                                                                                                                                                                                                                                                                            • String ID: $%!.15g$-
                                                                                                                                                                                                                                                                                                            • API String ID: 3510742995-875264902
                                                                                                                                                                                                                                                                                                            • Opcode ID: 312380605faac612b932c0e84749a71c5b5db630570bc0cb0ad3afdeeff4af52
                                                                                                                                                                                                                                                                                                            • Instruction ID: 54168fc7cca26ad5feed635d01f4652029340dab926a415538347cf43a524c83
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 312380605faac612b932c0e84749a71c5b5db630570bc0cb0ad3afdeeff4af52
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: DD412472A1A78593EB10CB2EE0417AA7BA0EB857C4F004175EE9D0779ADB3DE419C714
                                                                                                                                                                                                                                                                                                            Function 00007FF8A8DE8550 Relevance: 6.1, APIs: 1, Strings: 3, Instructions: 84COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3019302556.00007FF8A8DC1000.00000020.00000001.01000000.00000015.sdmp, Offset: 00007FF8A8DC0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019234443.00007FF8A8DC0000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019473856.00007FF8A8EF4000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019556538.00007FF8A8F23000.00000004.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019627658.00007FF8A8F28000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a8dc0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                            • String ID: %s at line %d of [%.10s]$8653b758870e6ef0c98d46b3ace27849054af85da891eb121e9aaa537f1e8355$database corruption
                                                                                                                                                                                                                                                                                                            • API String ID: 0-3727861699
                                                                                                                                                                                                                                                                                                            • Opcode ID: 6305e94a9a690e28374634513fa7c07f3dc0461b62686fa81fd07b9bb206b833
                                                                                                                                                                                                                                                                                                            • Instruction ID: b2dddb5a8cfc352f17097999f7edcc83f82af27125842e6d29130d519bc32046
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 6305e94a9a690e28374634513fa7c07f3dc0461b62686fa81fd07b9bb206b833
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F631BC72A0A6C19ED304CF2AD49047D7BA1E781B84F04413ADFA95B399EF3CD969C760
                                                                                                                                                                                                                                                                                                            Function 00007FF8A8DDC240 Relevance: 6.1, APIs: 1, Strings: 3, Instructions: 79COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3019302556.00007FF8A8DC1000.00000020.00000001.01000000.00000015.sdmp, Offset: 00007FF8A8DC0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019234443.00007FF8A8DC0000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019473856.00007FF8A8EF4000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019556538.00007FF8A8F23000.00000004.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019627658.00007FF8A8F28000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a8dc0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: memset
                                                                                                                                                                                                                                                                                                            • String ID: %s at line %d of [%.10s]$8653b758870e6ef0c98d46b3ace27849054af85da891eb121e9aaa537f1e8355$database corruption
                                                                                                                                                                                                                                                                                                            • API String ID: 2221118986-3727861699
                                                                                                                                                                                                                                                                                                            • Opcode ID: d55a6328535592a9e318385a5f1e464099d72822ee4cd89bff26eb268217b2a5
                                                                                                                                                                                                                                                                                                            • Instruction ID: d169b0e315c7cbf0189f938416626c3e665113dbd8287f3ce20bc992e1e0fcc3
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d55a6328535592a9e318385a5f1e464099d72822ee4cd89bff26eb268217b2a5
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 2431D13271A68292EB509F59E4506BA77A5FBC8BC0F440135FE4E87B98DF3CD9058B14
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C220C0 Relevance: 6.1, APIs: 4, Instructions: 52COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: LongWindow$DialogInvalidateRect
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 1956198572-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: 3f66ec3ad31a24d6b03c6ecd933265a99c2c3f38e7b83c206d3886b5f9d1bb92
                                                                                                                                                                                                                                                                                                            • Instruction ID: 47b08541bb5e98152de1df3d43dd95ded3e48e17c5121fc58aa2c93dd384282e
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 3f66ec3ad31a24d6b03c6ecd933265a99c2c3f38e7b83c206d3886b5f9d1bb92
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 9811C621A0D14352F654BB7AE5486FD9252FF88790FC55830DF4907FAADD2DF8918210
                                                                                                                                                                                                                                                                                                            Function 00007FF8A8EF2F10 Relevance: 6.0, APIs: 4, Instructions: 39timethreadCOMMONLIBRARYCODE
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3019302556.00007FF8A8DC1000.00000020.00000001.01000000.00000015.sdmp, Offset: 00007FF8A8DC0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019234443.00007FF8A8DC0000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019473856.00007FF8A8EF4000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019556538.00007FF8A8F23000.00000004.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019627658.00007FF8A8F28000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a8dc0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: CurrentTime$CounterFilePerformanceProcessQuerySystemThread
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 2933794660-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: fc74a681ac9cfba130fc09d6d1be2f184761751582f3a5224d5c822cd04c3667
                                                                                                                                                                                                                                                                                                            • Instruction ID: 4030c07cb5db2dae2c15743bd9bc400d947e8278ad9d464d95997633a295a2be
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: fc74a681ac9cfba130fc09d6d1be2f184761751582f3a5224d5c822cd04c3667
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 28112E36B15F429AEB00CF60E8542B833A4FB59798F440E31EE6D867A4DF78D5648354
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C2D010 Relevance: 6.0, APIs: 4, Instructions: 39timethreadCOMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: CurrentTime$CounterFilePerformanceProcessQuerySystemThread
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 2933794660-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: 884c9866f0db1ea4ea3e8c559fd458021c8c8106c035f87ab540984eb8a2d97e
                                                                                                                                                                                                                                                                                                            • Instruction ID: 2af955d0b2bb542ebe79df5e6f97ca2dcd3159eead6ff606bd82a8fd5484383b
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 884c9866f0db1ea4ea3e8c559fd458021c8c8106c035f87ab540984eb8a2d97e
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 56115A26B15F068AEB00EF70E8582B973A4FB59758F850E31DA2D867B4DF7CE1548350
                                                                                                                                                                                                                                                                                                            Function 00007FF8A7FF2E0C Relevance: 6.0, APIs: 4, Instructions: 39timethreadCOMMONLIBRARYCODE
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011756386.00007FF8A7FF1000.00000020.00000001.01000000.00000018.sdmp, Offset: 00007FF8A7FF0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011682189.00007FF8A7FF0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A7FF6000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A803A000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A8048000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A8097000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3012219092.00007FF8A809A000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3012386348.00007FF8A809C000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a7ff0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: CurrentTime$CounterFilePerformanceProcessQuerySystemThread
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 2933794660-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: 1143ce772416530538e6e632f3059b38426edc2ca8d0a1c1cafe6258f8b28d68
                                                                                                                                                                                                                                                                                                            • Instruction ID: 36c5e3e34e1eb76ca55442b5151af26c7e79c3251f3a846fdbed5a0ed3aff11d
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 1143ce772416530538e6e632f3059b38426edc2ca8d0a1c1cafe6258f8b28d68
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 9F11E826B16F059AEB008F70E8553B833A4FB59798F441A35DA6D467A4DFBCD1688340
                                                                                                                                                                                                                                                                                                            Function 00007FF8A8774F54 Relevance: 6.0, APIs: 4, Instructions: 39timethreadCOMMONLIBRARYCODE
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3015192995.00007FF8A85B1000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF8A85B0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3015114420.00007FF8A85B0000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3015838667.00007FF8A8865000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3015838667.00007FF8A8886000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3015838667.00007FF8A8895000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3015838667.00007FF8A889F000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3015838667.00007FF8A88E1000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3015838667.00007FF8A89B0000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3015838667.00007FF8A89B8000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3017463399.00007FF8A8ABF000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3017541826.00007FF8A8AD6000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3017613226.00007FF8A8AD9000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3017727384.00007FF8A8ADC000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3017805352.00007FF8A8ADD000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3017926318.00007FF8A8ADE000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3018012710.00007FF8A8B02000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3018084859.00007FF8A8B03000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3018153363.00007FF8A8B04000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3018217971.00007FF8A8B06000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3018286771.00007FF8A8B0E000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3018366123.00007FF8A8B4F000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3018437066.00007FF8A8B83000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3018508315.00007FF8A8BAB000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3018575176.00007FF8A8BAE000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3018642830.00007FF8A8BAF000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3018722306.00007FF8A8BB0000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3018795725.00007FF8A8BB1000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3018871828.00007FF8A8BB3000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3018945344.00007FF8A8BC2000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3018945344.00007FF8A8BCA000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3018945344.00007FF8A8BEF000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019170224.00007FF8A8BF0000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a85b0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: CurrentTime$CounterFilePerformanceProcessQuerySystemThread
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 2933794660-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: fe63b84064a5ce4d74b8ca480f490018c065660e782260b98ef3b250c9bc7566
                                                                                                                                                                                                                                                                                                            • Instruction ID: dbef9e44712591050a32c07bef3500624b19d283a87da31333133642a1964d76
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: fe63b84064a5ce4d74b8ca480f490018c065660e782260b98ef3b250c9bc7566
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: D6115226B16F019AEB00CF64E8552B833B4FB19798F440E31DA6D867A4EF7CE554C354
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C45B1C Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 121COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: _get_daylight$_invalid_parameter_noinfo
                                                                                                                                                                                                                                                                                                            • String ID: ?
                                                                                                                                                                                                                                                                                                            • API String ID: 1286766494-1684325040
                                                                                                                                                                                                                                                                                                            • Opcode ID: 34aa9ba053483d92f686c00bb3d23c2ed0895a5cb55bf09a4ef316522e0c30cf
                                                                                                                                                                                                                                                                                                            • Instruction ID: b56a335598895307bffbb21fb4a4150b940e13c8f7301da5e94201eb7c808d52
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 34aa9ba053483d92f686c00bb3d23c2ed0895a5cb55bf09a4ef316522e0c30cf
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 70412512E0A38346F724A72594493BAF652FF80BA4F954634EE4C06BF6DF3DE4418710
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C39014 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 111COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            • _invalid_parameter_noinfo.LIBCMT ref: 00007FF7A0C39046
                                                                                                                                                                                                                                                                                                              • Part of subcall function 00007FF7A0C3A948: HeapFree.KERNEL32(?,?,?,00007FF7A0C42D22,?,?,?,00007FF7A0C42D5F,?,?,00000000,00007FF7A0C43225,?,?,?,00007FF7A0C43157), ref: 00007FF7A0C3A95E
                                                                                                                                                                                                                                                                                                              • Part of subcall function 00007FF7A0C3A948: GetLastError.KERNEL32(?,?,?,00007FF7A0C42D22,?,?,?,00007FF7A0C42D5F,?,?,00000000,00007FF7A0C43225,?,?,?,00007FF7A0C43157), ref: 00007FF7A0C3A968
                                                                                                                                                                                                                                                                                                            • GetModuleFileNameW.KERNEL32(?,?,?,?,?,00007FF7A0C2CBA5), ref: 00007FF7A0C39064
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: ErrorFileFreeHeapLastModuleName_invalid_parameter_noinfo
                                                                                                                                                                                                                                                                                                            • String ID: C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                                            • API String ID: 3580290477-517116171
                                                                                                                                                                                                                                                                                                            • Opcode ID: 652ac8178d02f9bf502bb0dac840cc2c27021cfa98e1c84195502d2d1921a3a9
                                                                                                                                                                                                                                                                                                            • Instruction ID: 079443ae0f506acad9f23d614e175981b0bc64d39f7da26a100cf9d431c81dc5
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 652ac8178d02f9bf502bb0dac840cc2c27021cfa98e1c84195502d2d1921a3a9
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 1A415B36A1AB0386EB19AF21D4401EDF2A4EF44BD0B965835E94E53BA5DE3CF4918321
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C3CC38 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 100fileCOMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: ErrorFileLastWrite
                                                                                                                                                                                                                                                                                                            • String ID: U
                                                                                                                                                                                                                                                                                                            • API String ID: 442123175-4171548499
                                                                                                                                                                                                                                                                                                            • Opcode ID: 4f5d94246872f2193e537bc66f33c90add5f7e97f4787e66017fcfb3b1ebd6d4
                                                                                                                                                                                                                                                                                                            • Instruction ID: 2c0f98df7d8224c5ab303a503ff41957bfb29fff724ee327cf373c742f2cfd8a
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 4f5d94246872f2193e537bc66f33c90add5f7e97f4787e66017fcfb3b1ebd6d4
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: ED41B432729A4281DB20AF25E4443FAE761FB88784F914531EE4D877A4EF3CE401D751
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C3F5B8 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 66COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: CurrentDirectory
                                                                                                                                                                                                                                                                                                            • String ID: :
                                                                                                                                                                                                                                                                                                            • API String ID: 1611563598-336475711
                                                                                                                                                                                                                                                                                                            • Opcode ID: e8d367c4ea258391d160676196091cc4497c978f166048fd005a5cb1bdaac227
                                                                                                                                                                                                                                                                                                            • Instruction ID: d837d0594d1f2187d6b14eab9d73c45481aa34fe3220dd2ee05d5e54e0e7a8f5
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e8d367c4ea258391d160676196091cc4497c978f166048fd005a5cb1bdaac227
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: C221F772A1964281EB24AB11D0452ADF3B1FF88B84FC74835E64D437A4CF7CF5558762
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C2FD48 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 44COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: ExceptionFileHeaderRaise
                                                                                                                                                                                                                                                                                                            • String ID: csm
                                                                                                                                                                                                                                                                                                            • API String ID: 2573137834-1018135373
                                                                                                                                                                                                                                                                                                            • Opcode ID: b596af9f6a60738c50b353da5cbad86497326ffe12a5eabfdc94c01c9dae4a3e
                                                                                                                                                                                                                                                                                                            • Instruction ID: a64a565d4d6e3f8fd67bde9380e8ad4d88971d9d5c4452f0250fd87b657ebb1a
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: b596af9f6a60738c50b353da5cbad86497326ffe12a5eabfdc94c01c9dae4a3e
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 68115E32609B8682EB219F25E400299B7E5FF88B84F594630EB8D07B65DF3CE5528B00
                                                                                                                                                                                                                                                                                                            Function 00007FF7A0C4073C Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 36COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011318955.00007FF7A0C21000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7A0C20000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011248620.00007FF7A0C20000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011401450.00007FF7A0C4B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C5E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011478230.00007FF7A0C61000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011613214.00007FF7A0C64000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7a0c20000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: DriveType_invalid_parameter_noinfo
                                                                                                                                                                                                                                                                                                            • String ID: :
                                                                                                                                                                                                                                                                                                            • API String ID: 2595371189-336475711
                                                                                                                                                                                                                                                                                                            • Opcode ID: 68237dfdc7112287ec82a3b365f776b5c9f6f856de5878160eaa1a8f91e0357f
                                                                                                                                                                                                                                                                                                            • Instruction ID: c42803372e61254891469ff545854aceb2cf9d043f3024b028b5daa6f66b82cc
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 68237dfdc7112287ec82a3b365f776b5c9f6f856de5878160eaa1a8f91e0357f
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4E018F2291960386F724BF6094692FEE3A0FF88784FD60835D54D477A1DE3DF5048B26
                                                                                                                                                                                                                                                                                                            Function 00007FF8A7FF4E9C Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 34COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011756386.00007FF8A7FF1000.00000020.00000001.01000000.00000018.sdmp, Offset: 00007FF8A7FF0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011682189.00007FF8A7FF0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A7FF6000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A803A000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A8048000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A8097000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3012219092.00007FF8A809A000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3012386348.00007FF8A809C000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a7ff0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: String$Err_FromUnicode_
                                                                                                                                                                                                                                                                                                            • String ID: no such name
                                                                                                                                                                                                                                                                                                            • API String ID: 3678473424-4211486178
                                                                                                                                                                                                                                                                                                            • Opcode ID: 72dc25e13e04fc2e9e7414dcf655970bd367e8a4c240637ec9098a4c84f598be
                                                                                                                                                                                                                                                                                                            • Instruction ID: 3351aa60623d09785b41c64160b644cc7b7291149bfbb6878b6615119791c9f1
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 72dc25e13e04fc2e9e7414dcf655970bd367e8a4c240637ec9098a4c84f598be
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 68012C31A1AA42A2EB619F35E8107BD23A0FF98BC8F404031DA4D87795EFBCE2049711
                                                                                                                                                                                                                                                                                                            Function 00007FF8A8DC5B95 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 23COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3019302556.00007FF8A8DC1000.00000020.00000001.01000000.00000015.sdmp, Offset: 00007FF8A8DC0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019234443.00007FF8A8DC0000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019473856.00007FF8A8EF4000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019556538.00007FF8A8F23000.00000004.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019627658.00007FF8A8F28000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a8dc0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: _msizerealloc
                                                                                                                                                                                                                                                                                                            • String ID: failed memory resize %u to %u bytes
                                                                                                                                                                                                                                                                                                            • API String ID: 2713192863-2134078882
                                                                                                                                                                                                                                                                                                            • Opcode ID: 1620b94e1496c3a76f9313f6941ee5be211108b89c88192d34549017afd6c90c
                                                                                                                                                                                                                                                                                                            • Instruction ID: 3271c1dcca904e630d11c3a0dd5639970a5016bade2f857bff2a8ab4f1823cea
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 1620b94e1496c3a76f9313f6941ee5be211108b89c88192d34549017afd6c90c
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 14E06D64B0A781D1FA145B56B94027956A1FB48FC4F049030EE1E07B59DF7CE8658318
                                                                                                                                                                                                                                                                                                            Function 00007FF8A7FF27C0 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 19COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            • _PyObject_GC_New.PYTHON313(?,?,00000000,00007FF8A7FF274F), ref: 00007FF8A7FF27C6
                                                                                                                                                                                                                                                                                                            • PyObject_GC_Track.PYTHON313(?,?,00000000,00007FF8A7FF274F), ref: 00007FF8A7FF27F8
                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3011756386.00007FF8A7FF1000.00000020.00000001.01000000.00000018.sdmp, Offset: 00007FF8A7FF0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011682189.00007FF8A7FF0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A7FF6000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A803A000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A8048000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3011828823.00007FF8A8097000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3012219092.00007FF8A809A000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3012386348.00007FF8A809C000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a7ff0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: Object_$Track
                                                                                                                                                                                                                                                                                                            • String ID: 3.2.0
                                                                                                                                                                                                                                                                                                            • API String ID: 16854473-1786766648
                                                                                                                                                                                                                                                                                                            • Opcode ID: 76703d1612d6e4714df42c5d19f915ca772ef609570fabb6ef902927984103e5
                                                                                                                                                                                                                                                                                                            • Instruction ID: 75694b9a84799d67694714a466e4e16fa7106e5f836868dc2173d487c44712b8
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 76703d1612d6e4714df42c5d19f915ca772ef609570fabb6ef902927984103e5
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 84E07525A0BF02A5EF158F71E85406C22A5FF0CBA5B54013ACD5D42360EFBDE264E654
                                                                                                                                                                                                                                                                                                            Function 00007FF8A8E0DB10 Relevance: 5.2, APIs: 4, Instructions: 218COMMON
                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.3019302556.00007FF8A8DC1000.00000020.00000001.01000000.00000015.sdmp, Offset: 00007FF8A8DC0000, based on PE: true
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019234443.00007FF8A8DC0000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019473856.00007FF8A8EF4000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019556538.00007FF8A8F23000.00000004.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.3019627658.00007FF8A8F28000.00000002.00000001.01000000.00000015.sdmpDownload File
                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff8a8dc0000_file.jbxd
                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                            • API ID: memcpy
                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                            • API String ID: 3510742995-0
                                                                                                                                                                                                                                                                                                            • Opcode ID: 35c5d2ddfb0390e77b5fc4b97464002024ab7fc143e77e726d05edeed6224623
                                                                                                                                                                                                                                                                                                            • Instruction ID: a129f64cdf5a0adeb095a9bb7af55363b299af6146f6ca3847953408206d41ad
                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 35c5d2ddfb0390e77b5fc4b97464002024ab7fc143e77e726d05edeed6224623
                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: DA91C071B4B746EAEA249B2691402792BA0FF44BE0F095734DE6D877C5EF3CE4608718